The attack by the Lazarus Group, uncovered by the Socket Research Team, leveraged GitHub to host malicious repositories, increasing the risk of harmful code integration into developer workflows. Similar campaigns have also been spotted on the Python Package Index (PyPI), highlighting a broader effort to exploit multiple open-source ecosystems.

Claim

Name

Types

Claim

Quotes that support claims

Additionally, the APT group created and maintained GitHub repositories for five of the malicious packages, lending an appearance of open source legitimacy and increasing the likelihood of the harmful code being integrated into developer workflows

According to Boychenko: "The APT group created and maintained GitHub repositories for five of the malicious packages, lending an appearance of open source legitimacy and increasing the likelihood of the harmful code being integrated into developer workflows.”

Related projects

Socket

Lazarus Group

Referenced by

Summary

Crypto news

Data block

​

Referenced by

Summary