![]() “If malware developers took the time to implement this malware specifically for NetBeans, it means that it could either be a targeted attack, or they may already have implemented the malware for build systems such as Make, MsBuild, Gradle and others as well and it may be spreading unnoticed,” GitHub added.Ī security researcher tipped GitHub to the issue on March 9th.įollowing a deeper analysis, GitHub found that the malware would infect local computers upon a user downloading any of the 26 discovered projects. “It was interesting that this malware attacked the NetBeans build process specifically since it is not the most common Java IDE in use today,” GitHub’s security team said in their report on Thursday. GitHub notes the malware is designed to backdoor projects created using the Apache NetBeans IDE – a phenomenon they had not seen before on their platform. The security team for the world’s largest repository host has dubbed the malware Octopus Scanner and found “26 open source projects that were backdoored by this malware and that were actively serving backdoored code.” ![]() ![]() GitHub has issued a warning to Java developers about malware which is specifically infecting NetBeans projects. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |