Trend Micro Finds Malware Hosted on SourceForge

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Trend Micro researchers recently uncovered a variant of the GAMARUE malware that uses online code repository SourceForge to host malicious files.

TrendLabs network threat researcher Dexter To notes that with more than 324,000 projects hosted, the site's popularity among programmers and users makes the site "the perfect venue to make these malware available to users."

The GAMARUE malware gives attackers complete control of an infected system, allowing them to steal data from the system itself, then use it to launch attacks on other systems.

TrendLabs researchers found malicious files hosted under SourceForge projects named tradingfiles, ldjfdkladf, and stanteam. "As we noted in our 2013 predictions, legitimate cloud providers are likely to come under attack this year," To writes. "A site like SourceForge is a perfect target to be abused by cybercriminals."