GitHub: repositories got infected by Octopus Scanner Malware

June 15, 2020

Cybersecurity experts from GitHub, a well-known open repository for developers, announced that backdoor malware had infected some of the uploaded projects. The backdoor malware is named Octopus Scanner. Like its namesake, code from a single library can become entangled in multiple software projects once the malware injects itself into a project. Given GitHub's reputation and millions of subscribed users, this is another chaotic incident for the platform to face. Alvaro Muñoz, one of its security staff, described the incident in his report.

GitHub is known as a repository that holds library code for projects contributed by many developers. Any novice or veteran programmer can embed that code in the software they are developing instead of starting from scratch. Relying on GitHub's open-source contributions saves developers time and effort in creating programs that meet a company's or client's requirements. The site also lets developers interact with each other by commenting on or making suggestions for each uploaded repository. Thus, many developers consider it a genius move and a great aid to their growing community.

 

The troubles of Open-Source

However, because the platform is open source and a sort of free project vault, malicious actors see an opportunity to spread their evil deeds. As reported, some uploaded project library code in the repository is embedded with the Octopus Scanner malware. Once this malware has been added to any developed software and executed in a production environment, it enables the perpetrators to infect the system and, soon after, the whole network infrastructure. The malware is said to have the capability to infiltrate sensitive data and to carry out brute-force attacks to obtain escalated access within the network. The initial report confirmed that the compromised projects are said to be those that use Apache NetBeans in the software being developed.

 

What did GitHub do?

As part of their brand protection, the GitHub team immediately contacted the owners of repositories that may have been compromised and instructed them to debug their submitted project contributions. Unfortunately, GitHub's actions were not enough. Going the extra mile, they had to manually scan and test each line of program code to gauge its impact on the given project and devise counter code to stop it.

 

Who else got targeted?

Aside from GitHub, other repositories such as RubyGems have been targeted by hackers. Fortunately, they dealt with the issue with ease. Similar attacks are noticeably gaining momentum; this is a reminder to all developers that the best malware scanner is vigilance. How? By being cautious and scrutinizing each piece of library code copied from any repository before including it in the software they are developing, so that the software stays free from possible infection.
