Someone is putting lots of work into hacking Github developers
Might be time to stop assuming we're not targets because we're "not that interesting."Open-source developers who use Github are in the cross-hairs of advanced malware that has steal passwords, download sensitive files, take screenshots, and self-destruct when necessary.
Dimnie, as the reconnaissance and espionage trojan is known, has largely flown under the radar for the past three years. It mostly targeted Russians until early this year, when a new campaign took aim at multiple owners of Github repositories. One commenter in this thread reported the initial infection e-mail was sent to an address that was used solely for Github, and researchers with Palo Alto Networks, the firm that reported the campaign on Tuesday, told Ars they have no evidence it targeted anyone other than Github developers.
[…]
The researchers declined to speculate who might be behind the campaign or what the motivations may be for targeting open-source developers. It's not hard to come up with plausible theories why either nation-sponsored for financially motivated hackers would want to spy on this demographic. What's clear now is that someone is devoting considerable time and expertise to make that happen.
https://arstechnica.com/security/2017/03/someone-is-putting-lots-of-work-into-hacking-github-developers/Dimnie recon trojan has flown under the radar for three years ... until now.
