GitHub users have suffered from malware for stealing Bitcoin wallets

Hackers attacked GitHub users through a fake Python infrastructure. This was reported by the Checkmarx researchers.

The malware was disguised as the popular "colorama" package and distributed to more than 170,000 members of the Top community.gg through a compromised account of one of them.

The attack consisted of a multi-step process of executing code from multiple external sources.

The malware was aimed at stealing browser data, Discord, Instagram, Telegram sessions, files, as well as cryptocurrency wallets. In addition, the keylogger component allowed attackers to read keystrokes to steal passwords, personal messages and financial data.

Source: https://forklog.com/news/polzovateli-github-postradali-ot-vredonosa-dlya-krazhi-bitkoin-koshelkov