• Orchid saw repos that were straight-up clones of his own project — but with an extra malware download link slipped in.
• He noticed something weird: these repos delete and re-push the same commit every few hours. Why? To look freshly “maintained” so GitHub ranks them high and scanners think it’s normal upkeep.
• So he wrote a script that chewed through 16 million GitHub events over 5 days (free gharchive data), filtering for that exact heartbeat: README-only edits, 1–24 times a day, not from a bot.
• 14 repos → 3,000 → 40,000 suspicious → 10,000 confirmed carrying the same trojan.
• Some have been live over a year. Detection? Zero, on the first scan. The bad file only lights up once you unzip it.

The fake repos pose as exactly what people desperately search for: game cheats, cracked Photoshop, free Spotify mods, “exploit” code. You download the zip, run the .exe, and boom — a thing called SmartLoader/StealC quietly empties your saved passwords and crypto wallets. Trend Micro flagged this same playbook getting AI-assisted last year.

The 2026 plot twist? Security folks are calling a related version the “OpenClaw Trap” — repos written to fool AI coding agents that auto-clone whatever ranks highest in search. The bot grabs the poisoned repo, you say “yeah run it,” and you just got robbed by a robot you trusted.

The crooks aren’t cloning famous repos (too watched). They clone brand-new small ones, inject the malware, and because the clone gets the frequent fake “updates,” it outranks the original in GitHub search. The real author’s project ends up buried under its own evil twin.

It’s a search-ranking exploit wearing a malware costume. And the scariest part — it was beatable by ONE person with public data and a weekend. Which means GitHub could’ve caught it. They just… didn’t.

Orchid’s detection trick — spotting repos that re-push the same README every few hours — is now a public recipe. Build a dead-simple “paste a GitHub link → is it poison?” checker using the free gharchive firehose and park it where desperate downloaders live: game-cheat and cracked-software Discord servers.

Example: A 21-year-old in the Philippines runs a tiny Discord bot inside cheat-sharing servers. Someone drops a GitHub link, the bot checks it against the README-churn pattern, replies “ matches the trojan fingerprint” or “looks clean.” Tip jar + server boosts. Pulls ~$600/mo from grateful gamers who’d rather pay $2 than lose their Steam account.

Timeline: First paying server in ~10 days. Stays good until GitHub finally automates the same check (could be months — they’ve sat on it a year already).

Everyone running an AI coding bot (Cursor, Claude Code, whatever) now has a real fear: their bot auto-cloning a poisoned repo. Sell them peace of mind — a daily-updated blocklist of known-bad repo fingerprints they can plug into their setup before the bot fetches anything.

Example: A 26-year-old in Brazil maintains a simple JSON blocklist hosted free on GitHub itself, sells access through Gumroad at $5/mo. Devs wire it into their agent’s “before you clone, check this list” step. Sitting at $1.4k monthly recurring — boring infrastructure nobody else bothered to package.

Timeline: First 50 subscribers in 3–4 weeks if you post it in AI-dev communities. Plateau when a big security vendor ships a free version — so build the email list NOW.

The crooks rank above real projects by faking “freshness” — constant tiny commits. That’s not malware, that’s just a GitHub search-ranking hack. Flip it white-hat: offer indie tool-makers a legit setup that keeps THEIR real repo looking active, so it outranks the evil clone of it.

Example: A 23-year-old in India sells a one-time setup: a GitHub Action that makes small honest updates on a schedule, pushing a dev’s genuine project back above its trojan twin in search. Charges ~$40 per repo, done in an afternoon. Word spreads fast among small open-source authors who got cloned.

Timeline: Cash on day one (it’s a service, not a product). Demand spikes every time a clone-malware story trends — like, uh, right now.

Spin up your OWN decoy repos that match the malware fingerprint exactly — they’re yours, totally legal. Then watch who clones, forks, or phones home. The data on who’s running this operation is worth money to threat-intel folks, and GitHub pays for some abuse reports.

Example: A 24-year-old in Poland runs 30 honeypot repos that look like juicy “exploit” code, logs every callback the loader tries to make, and sells the cleaned-up list of bad infrastructure to a small threat-intel newsletter. One solid data drop netted ~$900. Researchers love primary-source dirt.

Timeline: First useful logs within days (the bots find honeypots FAST). Each intel drop is a fresh payday; the campaign’s still wide open since the operator’s still unknown.

Be the first to ship a free browser extension that paints a GitHub repo page red the second it matches the clone pattern — README-only commit churn, fake contributors, no real code history. Free tier flags, paid tier shows the full forensic breakdown.

Example: A 19-year-old in Nigeria ships a Chrome extension that adds a warning banner on suspicious repos. Free for everyone, $3/mo “pro” tier unlocks the deep commit-history view. Hit 1,200 installs off one viral Reddit post, ~$300/mo and climbing. First-mover owns the keyword.

Timeline: Build it in a weekend, 100 installs in week one if you drop it in r/github. The window’s open until an established security extension copies the feature — move fast.