Summary:
-
Ghost Network Discovery: Researchers at Check Point uncovered a secretive network of 3,000 “ghost” accounts on GitHub, promoting malicious content. Dubbed “Stargazer Goblin,” the cybercriminal behind this has been active since June 2023.
-
Malicious Manipulation: The network exploits GitHub’s community features, such as “starring,” “forking,” and “watching” repositories, to make malicious pages appear legitimate and popular. This tactic enhances the visibility and credibility of harmful repositories.
-
Targeting Windows Users: The Stargazers Ghost Network targets Windows users, spreading ransomware and info-stealer malware disguised as legitimate software tools.
!