Cyberespionage Campaign Targets Open Source Developers

by Developer.com Staff

If you post to GitHub, be on alert for phishing emails.

According to Palo Alto Networks, attackers have been targeting developers who post to GitHub with a cyberespionage campaign that leverages malware called Dimnie. The malware has been spreading through phishing emails that ask for help with coding projects or offer to pay for custom development. The Word document attached to the emails downloads the malware, which has the ability to do keylogging, screen captures and more. Dimnie can also eliminate all traces of its presence from your system.

The campaign appears very similar to other recent attacks that have been carried out by nation-states. Experts say developers often have information that is highly valuable to attackers on their systems.

View article

This article was originally published on Thursday Mar 30th 2017
Mobile Site | Full Site