BTC $99830.5817
ETH $4000.6021
XRP $2.6105
SOL $238.5568
BNB $750.0325
DOGE $0.4538
ADA $1.2137
stETH $3996.3142
TRX $0.3190
AVAX $51.6627
wstETH $4752.7832
TON $6.8025
UNI $18.1025
WBTC $99571.0079
DOT $10.6186
LINK $24.7921
WETH $4049.4968
HBAR $0.3314
SUI $4.2613
BCH $608.3109
PEPE $0.0000
XLM $0.5050
LTC $133.7468
NEAR $7.7396
APT $14.5825
ICP $14.7073
FET $2.0670
ETC $37.2497
POL $0.7006
CRO $0.2031
VET $0.0667
DAI $0.9995
RENDER $10.2805
BSC-USD $1.0002
TAO $698.2496
ARB $1.1650
FIL $7.8325
KAS $0.1848
USDE $1.0015
BGB $2.7231
AAVE $282.4296
ALGO $0.5111
IMX $2.0726
STX $2.6584
ATOM $10.1949
ONDO $1.6799
MNT $1.1608
BTC $99830.5817
ETH $4000.6021
XRP $2.6105
SOL $238.5568
BNB $750.0325
DOGE $0.4538
ADA $1.2137
stETH $3996.3142
TRX $0.3190
AVAX $51.6627
wstETH $4752.7832
TON $6.8025
UNI $18.1025
WBTC $99571.0079
DOT $10.6186
LINK $24.7921
WETH $4049.4968
HBAR $0.3314
SUI $4.2613
BCH $608.3109
PEPE $0.0000
XLM $0.5050
LTC $133.7468
NEAR $7.7396
APT $14.5825
ICP $14.7073
FET $2.0670
ETC $37.2497
POL $0.7006
CRO $0.2031
VET $0.0667
DAI $0.9995
RENDER $10.2805
BSC-USD $1.0002
TAO $698.2496
ARB $1.1650
FIL $7.8325
KAS $0.1848
USDE $1.0015
BGB $2.7231
AAVE $282.4296
ALGO $0.5111
IMX $2.0726
STX $2.6584
ATOM $10.1949
ONDO $1.6799
MNT $1.1608
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Global scam by Stargazer Goblin: 3,000 fake GitHub accounts spreading malware

    The attacker, Stargazer Goblin, created a network of counterfeit GitHub accounts to distribute various malware. The scheme, which has generated $100,000 in illicit profits over the past year, includes more than 3,000 accounts used to host malicious links and software.

    The fraudulent “Stargazers Ghost Network,” named by Check Point, encompasses thousands of repositories hosting malware such as Atlantida Stealer, Rhadamanthys, RisePro, Lumma Stealer, and RedLine. These accounts are also involved in various activities on the platform to give them the appearance of legitimacy.

    The network's activities were detected in August 2022, but ads for the scheme appeared on the Dark Net only in early July 2023. According to experts, the network not only spreads malware but also performs other tasks to make these fake accounts look like regular users.

    To protect against being taken off the platform, Stargazer Goblin uses different categories of accounts for different aspects of the scheme. Some accounts create phishing repository templates, others host images for these templates, and still others add malware in the form of password-protected archives disguised as cracked software and game cheats.

    As GitHub accounts are detected and blocked, Stargazer Goblin updates links to new active malware releases, ensuring minimal disruption to operations. Some accounts in the network were previously compromised, and their credentials were likely obtained by ransomware.

    The Stargazer Ghost Network shows a high level of organization and adaptability, which allows attackers to minimize losses and quickly recover from GitHub's actions. Using different accounts for different tasks makes their infrastructure resistant to detection and removal from the platform.

    This case highlights the importance of international law enforcement cooperation in the fight against cybercrime and demonstrates how even the most influential dark web markets can be stopped.

    Top 10 Emerging Cybercrime Methods in 2024

    Comments 0

    Add comment