TrendLabs network threat researcher Dexter To notes that with more than 324,000 projects hosted, the site's popularity among programmers and users makes the site "the perfect venue to make these malware available to users."
The GAMARUE malware gives attackers complete control of an infected system, allowing them to steal data from the system itself, then use it to launch attacks on other systems.
TrendLabs researchers found malicious files hosted under SourceForge projects named tradingfiles, ldjfdkladf, and stanteam. "As we noted in our 2013 predictions, legitimate cloud providers are likely to come under attack this year," To writes. "A site like SourceForge is a perfect target to be abused by cybercriminals."