In a significant cybersecurity development this week as security researchers from Malwarebytes have detailed a sophisticated operation distributing a new remote access trojan (RAT) dubbed “github malware”. Attackers were found to be disguising the malware as legitimate and popular software—including AI tools like ChatGPT and Claude, and audio software like AutoTune—on trusted open-source platforms GitHub and SourceForge. The campaign leverages compromised YouTube channels to drive traffic to these malicious repositories, luring in unsuspecting developers and tech enthusiasts. This method highlights a persistent vulnerability in the software supply chain, where the credibility of platforms is exploited to propagate malware.
Table of Contents
Deconstructing the Deno RAT Threat
The infection chain for github malware is deceptively simple and effective. Users are directed from compromised YouTube channels to malicious GitHub or SourceForge repositories. There, they are instructed to copy and paste a command into their terminal for what they believe is a legitimate software installation. This command, available for both Windows and macOS, downloads and executes an MSI installer or a PowerShell script. From this point is where the attack’s sophistication becomes apparent. The script installs legitimate, signed tools like the Scoop package manager and the Deno JavaScript/TypeScript runtime.
By leveraging a valid application like Deno, the initial stages of the attack often bypass traditional antivirus and security scans. The attackers then weaponize the Deno runtime to fetch and execute the main payload, a backdoor known as “DinDoor,” directly from a remote server. This payload is often executed in memory, a fileless technique that makes detection much more challenging. The DinDoor backdoor establishes persistence on the victim’s machine and downloads the final payload: the github malware itself, a powerful RAT previously tracked in some circles as “Smokest”. This RAT grants attackers full control over the compromised system, enabling them to execute commands, manage files, capture screenshots, and exfiltrate sensitive data.
You might also like: Ai-assisted attacks Expose a Critical Flaw in Security
GitHub and SourceForge Under the Microscope
In the wake of these findings, the immediate question turns to the responsibility of the host platforms. GitHub’s official policy states that it does not allow its platform to be used for delivering malicious executables or as attack infrastructure. The company’s documentation notes that while it supports the posting of dual-use security research, it will restrict access to content that is being actively abused in an unlawful attack. True to their word, it was confirmed that GitHub acted quickly to remove the malicious repositories they reported. However, the report also warns that new repositories are expected to continue appearing as attackers simply create new accounts.
This reactive cycle of takedowns highlights a fundamental tension in open-source ecosystems. While platforms like GitHub and SourceForge provide critical infrastructure for collaboration, their open nature is a double-edged sword. Attackers exploit this openness, creating countless repositories that mimic legitimate projects to ensnare users. One security expert, Ed Skoudis of the SANS Institute, has previously warned that the very speed and convenience of open source can threaten software integrity, a problem he calls “foundational”. This latest threat is a perfect illustration of this risk, where trusted platforms become unwitting distribution networks for malware.
The Technological Contradiction: Abusing Trusted Runtimes
What makes this campaign particularly insidious is the abuse of the Deno runtime. Deno, like Node.js or Bun, is a legitimate tool used by developers worldwide. Attackers are increasingly abusing these alternative JavaScript runtimes to bypass security measures that are more attuned to traditional threats. This isn’t the first time Deno has been implicated; researchers previously observed it being used to deliver “CastleLoader” malware in March 2026. The tactic is effective because security products are configured to trust signed, legitimate software like Deno, allowing malicious scripts to execute under a cloak of legitimacy.
This development underscores a broader, systemic issue in software supply chain security. According to a 2024 report from Sonatype, malicious packages in open-source registries are a rapidly growing problem, with software developers becoming a prime target. Brian Fox, CTO of Sonatype, noted that “Too many enterprises treat open source malware like vulnerabilities in code, waiting to catch bugs during scanning which is too late”. The github malware campaign is a practical example of this, targeting a tech-savvy audience of developers, gamers, and AI enthusiasts who are more likely to download tools from community platforms like GitHub. This creates a critical contradiction: the very tools meant to foster innovation are being weaponized against their most avid users.
For more information on supply chain attacks, security firm Rescana offers detailed analyses of similar campaigns like the recent “TrapDoor” attack.
Recommended: Fbi vpn warning Exposes a Dangerous Flaw in Corporate Security
The Bottom Line on github malware
Ultimately, the emergence of github malware is less about a single piece of malware and more about the systemic weaknesses it exploits. It serves as a powerful reminder that trust in a platform does not guarantee the safety of its content. The attackers’ use of legitimate runtimes like Deno demonstrates a significant evolution in evasion tactics, making detection harder for conventional security tools. For all users, this implies that relying solely on platform-level security is insufficient. A proactive and skeptical approach to sourcing software is now essential.
Critical Signals to Watch:
- Watch for: Repositories for popular software from new or unverified GitHub/SourceForge accounts.
- Examine: Any installation process that requires pasting commands directly into a terminal, especially if it involves package managers like Scoop or the installation of runtimes like Deno.
- Stay updated on: The rise of “fileless” attacks that execute in-memory, as these are designed to evade traditional disk-based scanning.
- Check: The source of software. Whenever possible, download directly from the official vendor’s website, not from third-party aggregators or unvetted community posts.
- Note: The increasing abuse of legitimate, signed applications as Trojan horses to run malicious code, a technique that bypasses trust-based security models.
The challenge posed by github malware and similar malware campaigns underscores the need for a paradigm shift in security, moving from reactive takedowns to proactive verification and a zero-trust mindset, even within supposedly safe developer ecosystems.