A new, sophisticated malware campaign abuses GitHub, using AI-crafted projects to lure victims, primarily IT professionals and cybersecurity experts. The malware, PyStoreRAT, is highly evasive and adaptable, and it can deploy additional harmful software, representing a significant evolution in cyber threats. #PyStoreRAT #GitHubThreat #AI-DrivenAttack #SupplyChainAttack
Key points
- The campaign involves reactivating dormant GitHub accounts to build trust with seemingly legitimate AI-created projects.
- PyStoreRAT is a versatile Remote Access Trojan that can modify its launch strategy to evade detection.
- The malware can spread via USB drives and pulls new components dynamically from its operators.
- The operators maintain control of the malware through a rotating server system, which complicates shutdown efforts.
- Most malicious repositories have been deleted, but some remain accessible, indicating ongoing threats.
Read More: https://hackread.com/pystorerat-rat-malware-github-osint-researchers/