Fake GitHub Repos

- Researchers found 109 fake GitHub repositories that cloned legitimate projects to deliver malware under the guise of open-source code.
- The campaign distributed SmartLoader and StealC, malware families designed for credential theft and data exfiltration.
- For CI/CD, cached artifacts and third-party actions now carry provenance risk, raising the need for stricter verification of dependencies and actions (gbhackers.com).

Open-source code repositories are being used as bait: researchers say 109 fake GitHub repos were set up to deliver password-stealing malware. (hexastrike.com) Hexastrike said the campaign used 109 malicious repositories across 103 GitHub accounts and was still adding new repos as of April 12, 2026. The cloned projects copied legitimate code, then rewrote README files to steer users to a hidden ZIP archive inside the repo. (hexastrike.com)

A GitHub repository is usually just a project folder with code, instructions, and version history. In this case, the code pages looked normal, but the download path led to SmartLoader, a malware loader, and then StealC, an information stealer built to grab credentials and other local data. (hexastrike.com; bleepingcomputer.com) Hexastrike said the ZIP files unpacked a LuaJIT-based loader, a program that runs Lua code through a just-in-time compiler, and used multi-stage scripts to fetch the next payload. The researchers also said the operators used blockchain-backed command-and-control resolution to keep their infrastructure flexible when domains or servers changed. (hexastrike.com)

The campaign fits a broader shift in software supply-chain attacks, where the trap is no longer only a poisoned package manager update. It can also be a convincing repository, a cached build artifact, or a third-party automation step that looks routine inside continuous integration and continuous delivery pipelines. (docs.github.com; docs.github.com)

GitHub says artifact attestations create cryptographically signed claims that show where and how software was built, including the repository, workflow, commit, and triggering event. That gives teams a way to check whether a build output came from the workflow they expected, instead of trusting a file because it sits on a familiar platform. (docs.github.com; docs.github.com) GitHub also says pinning an action to a full-length commit SHA is the only way to make that dependency immutable in GitHub Actions. In August 2025, the company said administrators could enforce SHA pinning through policy, so a workflow cannot quietly pull a changed tag or branch later. (docs.github.com; github.blog)

SmartLoader was already tied to fake GitHub lures before this cluster of 109 repos surfaced. The Hacker News reported in February 2026 that researchers had tracked SmartLoader in trojanized GitHub forks used to deliver StealC through a fake Oura Model Context Protocol server. (thehackernews.com) The pattern in both cases is simple: copy a real project, add enough social proof to look maintained, and move the victim one click away from a malicious download. For developers and security teams, the check now is not whether a repo exists on GitHub, but whether the code, the artifact, and the action all came from the source they claim. (hexastrike.com; docs.github.com)
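The SHA-pinning rule described above is easy to check mechanically before a policy is in place. The following is an added example, not code from the article, from GitHub, or from Hexastrike: a POSIX shell function that lists every `uses:` reference in a workflow file that is not pinned to a full 40-hex-character commit SHA, run against two constructed sample workflows (the weak one with tag and branch refs, and the same workflow corrected). The action names are real GitHub actions used only as illustration; every SHA value in the fixtures is made up and is not a real commit.

```shell
#!/bin/sh
# Added example (not from the article, GitHub, or Hexastrike): flag GitHub Actions
# dependencies that are not pinned to a full 40-hex-character commit SHA.
# A tag or branch ref (@v4, @main) can be moved by whoever controls the action
# repository; a full commit SHA cannot.

# Print every `uses:` reference in the given workflow file whose ref is not a
# full SHA. Covers step actions and reusable-workflow `uses:` lines alike.
# Local actions (./path) and docker:// images are skipped: they have no git ref.
list_unpinned_actions() {
    grep -E '^[[:space:]]*-?[[:space:]]*uses:' "$1" \
      | sed -E 's/#.*//; s/^[[:space:]]*-?[[:space:]]*uses:[[:space:]]*//; s/[[:space:]]+$//' \
      | tr -d "\"'" \
      | grep -Ev '^(\./|docker://)' \
      | grep -Ev '@[0-9a-f]{40}$'
}

# Return 0 when every remote action reference in the file is SHA-pinned, 1 otherwise.
check_workflow() {
    if [ -n "$(list_unpinned_actions "$1")" ]; then
        return 1
    fi
    return 0
}

# Constructed sample workflow (not from any real repository): the weak setting,
# with mutable tag/branch refs. The one SHA shown is a made-up value.
write_unpinned_workflow() {
    cat > "$1" <<'EOF'
name: build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4            # tag: can be retargeted
      - uses: "actions/setup-node@main"      # branch: can be retargeted
      - uses: ./.github/actions/local-step   # local path: no ref to pin
      - uses: docker://alpine:3.19           # image ref, not a git ref
      - uses: actions/cache@0123456789abcdef0123456789abcdef01234567
      - run: npm ci
EOF
}

# The same workflow corrected: every remote action pinned to a full SHA, with the
# human-readable version kept in a trailing comment. SHAs are made-up values.
write_pinned_workflow() {
    cat > "$1" <<'EOF'
name: build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@89abcdef0123456789abcdef0123456789abcdef   # v4
      - uses: actions/setup-node@fedcba9876543210fedcba9876543210fedcba98 # v4
      - uses: ./.github/actions/local-step
      - uses: actions/cache@0123456789abcdef0123456789abcdef01234567        # v4
      - run: npm ci
EOF
}

# Demo: write both fixtures and report on each.
weak=$(mktemp) && write_unpinned_workflow "$weak"
fixed=$(mktemp) && write_pinned_workflow "$fixed"
for f in "$weak" "$fixed"; do
    if check_workflow "$f"; then
        printf '%s: all remote action references pinned to a full SHA\n' "$f"
    else
        printf '%s: unpinned action references:\n' "$f"
        list_unpinned_actions "$f" | sed 's/^/  /'
    fi
done
rm -f "$weak" "$fixed"
```

On the weak fixture the check reports `actions/checkout@v4` and `actions/setup-node@main`; the local path and the `docker://` image are deliberately ignored because there is no git ref to pin, and the corrected fixture passes. For the artifact side of the same question, GitHub's `gh attestation verify <file> --repo <owner>/<repo>` performs the provenance check against the signed attestation; it needs network access to GitHub and so is not part of this offline block.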


Shared from Scout