Open-Source Developers Targeted in Sophisticated Malware Attack


Since January, attackers have been targeting developers who are active on GitHub with an information-stealing program called Dimnie.

The attacks started in January and consisted of malicious emails specifically crafted to attract the attention of developers, such as requests for help with development projects and offers of payment for custom programming jobs. The emails had .gz attachments that contained Word documents with embedded malicious macro code. If allowed to run, the macro code executed a PowerShell script that reached out to a remote server and downloaded a malware program known as Dimnie.
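For defenders, the delivery chain described above (a .gz attachment wrapping a macro-bearing Word document) can be flagged at the mail gateway before a user opens it. The following is an added example, not code from the article or from any vendor report; the function names, the 20 MB inflation cap and the OLE "Macros" string heuristic are assumptions, and the sample input is constructed and contains no real macro code.

```python
import gzip, io, zipfile, zlib

GZIP_MAGIC = b"\x1f\x8b"
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc compound file
ZIP_MAGIC = b"PK\x03\x04"                       # OOXML (.docx/.docm) container
MAX_INFLATED = 20 * 1024 * 1024                 # assumed cap against decompression bombs

def triage_gz_attachment(data: bytes) -> dict:
    """Report whether an attachment is a gzip wrapping a macro-bearing Word file."""
    result = {"gzip": False, "inner": "unknown", "has_macros": False}
    if not data.startswith(GZIP_MAGIC):
        return result
    result["gzip"] = True
    try:
        with gzip.GzipFile(fileobj=io.BytesIO(data)) as gz:
            inner = gz.read(MAX_INFLATED + 1)   # never inflate more than the cap
    except (OSError, EOFError, zlib.error):
        result["inner"] = "corrupt"
        return result
    if len(inner) > MAX_INFLATED:
        result["inner"] = "oversized"
        return result
    if inner.startswith(OLE_MAGIC):
        result["inner"] = "ole"
        # Heuristic: OLE directory names are UTF-16LE; Word keeps VBA under "Macros".
        result["has_macros"] = "Macros".encode("utf-16-le") in inner
    elif inner.startswith(ZIP_MAGIC):
        result["inner"] = "zip"
        try:
            with zipfile.ZipFile(io.BytesIO(inner)) as zf:
                names = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            result["inner"] = "corrupt"
            return result
        if any(n.startswith("word/") for n in names):
            result["inner"] = "ooxml-word"
        # OOXML documents store their VBA project in a vbaProject.bin part.
        result["has_macros"] = any(n.endswith("vbaproject.bin") for n in names)
    return result

def build_sample(with_macro: bool) -> bytes:
    """Constructed sample: minimal Word-like ZIP, gzip-wrapped, placeholder macro part."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder")
    return gzip.compress(buf.getvalue())

if __name__ == "__main__":
    print(triage_gz_attachment(build_sample(True)))
    print(triage_gz_attachment(build_sample(False)))
```

A hit on `has_macros` is a reason to quarantine and inspect the attachment, not proof of malice; the OLE branch in particular is a string heuristic and can both miss and over-match.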

