Checkmarx: Attackers Hijacking GitHub Ratings to 'Infect As Many Targets As Possible' - Checkmarx

April 20, 2022

Cybersecurity company Checkmarx said it has discovered that hackers can effectively hijack GitHub’s star ratings of open-source products to trick developers into downloading malicious code.

In a blog post, Checkmarx’s Tzachi “Zack” Zornstein and Aviad Gershon warn that the entire cyber-scam, which they’re calling “StarJacking,” ultimately relies upon the credibility that many people attach to star-rating systems for various products. The more popular a product, some people reason, the better the product.
