icon

Digital safety starts here for both commercial and personal Use...

Defend Your Business Against the Latest WNY Cyber Threats We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is there to help you to choose the best service providers in Western New York... We DO NOT provide the services ourselves, as we are Internet Programmers who have to deak daily with Cyber Threats... (Ugghhh)... So we know what it's like and what it takes to protect OUR and OUR CUSTOMERS DATA... We built this Website to help steer you to those that can give you the best service at realistic and non-inflated prices. We do charge or collect any fees.

Security Alert: Social Engineering Campaign Targets Technology Industry Employees

Cyber Security Threat Summary:
GitHub has identified a low-volume social engineering campaign targeting personal accounts of employees in technology firms. The attackers use GitHub repository invitations and malicious npm package dependencies. The targets are often associated with blockchain, cryptocurrency, online gambling, or cybersecurity sectors. The threat actor behind this campaign is likely linked to North Korean objectives and has been identified as Jade Sleet or TraderTraitor.

Security Officer Comments:
The attack operates by impersonating developers or recruiters on platforms like GitHub, LinkedIn, Slack, and Telegram. They invite targets to collaborate on a repository containing malicious npm packages, acting as first-stage malware, which then downloads and executes second-stage malware on the victim's machine.

Suggested Correction(s):
GitHub has suspended associated npm and GitHub accounts and filed abuse reports with domain hosts. Users are advised to review security logs, be cautious of social media solicitations, and examine dependencies and installation scripts for scrutiny. Those targeted should contact their employer's cybersecurity department and consider resetting devices, changing passwords, and rotating sensitive credentials/tokens if they executed any content from the campaign. They are IOCS available via GitHub’s official posting.

Link(s):
https://github.blog/