Github is struggling to keep up with a malware campaign that’s a new twist on typosquatting. The play is straightforward: Clone popular repositories, add malware, and advertise the forks as the original. Some developers mistake the forks for the real projects, and unintentionally run the malware. The obvious naming choice is forksquatting, but the researchers at apiiro went with the safer name of “Repo Confusion”.
This is a companion discussion topic for the original entry at https://hackaday.com/2024/03/01/this-week-in-security-forksquatting-rustdesk-and-mms/