Stargazer Goblin created a network of fake GitHub accounts to distribute malware

30 July 2024 | Author: Newsman

**Stargazer Goblin has created a network of over 3,000 fake GitHub accounts to distribute malware**. This network is known as the Stargazers Ghost Network and is used to distribute various malware families, including Atlantida Stealer, Rhadamanthys, RisePro, Lumma Stealer and RedLine. Over the past year, it has brought the criminals about $100,000 in illegal profits. The fake accounts star, fork, watch, and subscribe to malicious repositories to give them the appearance of legitimacy.

**The network has been active since August 2022, although the advertisement for it as a distribution-as-a-service (DaaS) offering did not appear until July 2023**. The attackers operate a network of “ghost” accounts that distribute malware via malicious links in repositories and encrypted archives published as releases. Using multiple categories of accounts makes the infrastructure more resilient to GitHub’s attempts to remove malicious content.

This sophisticated malware distribution operation demonstrates how attackers use legitimate platforms for their own purposes, remaining undetected and minimizing the damage to their operation when malicious repositories are removed.
