• About Us
  • Careers
  • Contact
No Result
View All Result
Tuesday, July 15, 2025
DeFi Planet
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
No Result
View All Result
DeFi Planet
No Result
View All Result
Home News

SourceForge Compromised by Hackers, Used to Distribute Crypto Miners via Microsoft Office Packages

9 April 2025
in News
Reading Time: 3 mins read
103 6
source: qz.com

source: qz.com

SourceForge, a popular open-source software development platform, distributes malicious cryptocurrency mining tools disguised as Microsoft Office packages.

This campaign, uncovered by researchers at Kaspersky, targets users by creating fake project pages that mimic legitimate software downloads, ultimately leading to the installation of crypto miners and clipboard hijackers.

The attackers set up a fake project on SourceForge called “officepackage,” which appears to offer Microsoft Office add-ins. However, the project’s auto-generated subdomain, “officepackage.sourceforge.io,” is the actual trap. Search engines like Yandex indexed this page, making it visible to users searching for office software. Upon visiting the page, users are presented with a list of fake office apps, complete with download buttons that initiate the malware infection.

Once a user clicks on these fake download links, they are redirected multiple times before receiving a small zip file. Unzipping this file reveals a surprisingly large 700MB installer. When launched, the installer uses hidden scripts to fetch additional files from GitHub, eventually unpacking malware that checks for antivirus software. If no threats are detected, it installs tools like AutoIt and Netcat. One script sends system information to a Telegram bot, while another ensures the persistence of the crypto-mining malware on the system.

Kaspersky reports that approximately 90% of affected users are located in Russia, with over 4,600 hits recorded between January and March. The primary goal of this campaign is to steal cryptocurrency funds by exploiting infected machines for mining. However, researchers warn that these compromised systems may also be sold to other threat actors, potentially leading to further malicious activities.

This incident highlights the evolving tactics of cybercriminals in exploiting trusted platforms to spread malware. Users are advised to be cautious when downloading software from unfamiliar sources and to ensure their antivirus software is up-to-date. The use of SourceForge’s infrastructure in this campaign underscores the need for vigilance in the open-source community and the importance of verifying the authenticity of software downloads.

The exploitation of SourceForge to distribute crypto miners via fake Microsoft Office packages is a significant security concern. It emphasizes the importance of cybersecurity awareness and the need for robust protection measures against sophisticated malware attacks. As the threat landscape continues to evolve, staying informed about such tactics is crucial for protecting both personal and financial data.

 

If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.

“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”

Don't miss out!

Subscribe To Our Newsletter

Receive top education news, lesson ideas, teaching tips and more!
Invalid email address
Give it a try. You can unsubscribe at any time.
Thanks for subscribing!
Tags: CryptoMicrosoftSourceForge
Share63Tweet40Share11
Bobby Okposin

Bobby Okposin

Related Posts

source: reuters.com
News

Bank of England Governor Warns Stablecoins Threaten Financial Stability

14 July 2025
source: binance.com
Bitcoin

Bhutan Moves Over $12 Million in Bitcoin to Binance Amid Bullish Surge

14 July 2025
source: theblock.co
Bitcoin

Click Holdings Targets $100 Million Crypto Treasury with Bitcoin and Solana

14 July 2025
source: streetfins.com
Ethereum

Ethereum Could Skyrocket to $1.5 Million, EMJ Capital Founder Predicts

14 July 2025

Featured Posts

Is Code Law? The Legal and Moral Implications of Smart Contracts

Is Code Law? The Legal and Moral Implications of Smart Contracts

byFaari Labinjo
24 June 2025
0

Multi-Party Computation (MPC) vs. Zero-Knowledge Proofs (ZKPs): Which is the Future of Blockchain Privacy?

Multi-Party Computation (MPC) vs. Zero-Knowledge Proofs (ZKPs): Which is the Future of Blockchain Privacy?

byFaari Labinjo
7 June 2025
0

Address Poisoning Attacks in Crypto: What They Are and How to Stay Safe

Address Poisoning Attacks in Crypto: What They Are and How to Stay Safe

byOlayinka Sodiq
3 June 2025
0

What Is a Bull Trap?

What Is a Bull Trap?

byOlajumoke Oyaleke
3 June 2025
0

Breaking Bitcoin’s 21M Limit: Is It Even Possible?

Breaking Bitcoin’s 21M Limit: Is It Even Possible?

byOlayinka Sodiq
3 June 2025
0

Read More

Chain of Thoughts

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

byOlu Omoyele
30 June 2025
0

...

Are Stablecoins Bank Deposits?

Are Stablecoins Bank Deposits?

byOlu Omoyele
31 May 2025
0

...

DAOs and the Coordination of Human Endeavour

DAOs and The Coordination of Human Endeavour

byOlu Omoyele
27 April 2025
0

...

Should DeFi Be Regulated?

Should DeFi Be Regulated?

byOlu Omoyele
27 March 2025
0

...

Markets Update

Your Weekend Crypto Roundup | July 2025 (Week 2)

4 days ago

The Battle for Web3 Infrastructure: Which Platforms are Dominating in Decentralized Storage, Compute, and Identity?

6 days ago

Is Ethereum Losing the Yield Battle?

6 days ago

Dubai Greenlights Region’s First Tokenized Money Market Fund, Pioneering Real-World Asset Digitization

7 days ago

BRICS Digital Currencies & Their Threat to USD-Denominated Stablecoins

1 week ago

The U.S. Crypto Regulatory Pivot: How the FIT21 Bill & ETF Greenlights Are Reshaping Global Policy

1 week ago
Read More

Events

Rare Evo 2025
Rare Evo 2025
6 Aug 25
Las Vegas
CBDC Conference
CBDC Conference
9 Sep 25
Nassau

Spotlight

All about Ethereum
All about Algorand
All about Bitcoin
All about Gora

Press Releases

HeraldEX Defines the Future with Its One-Stop Crypto Platform for Businesses

bychainwire
14 July 2025
0

BSGM Engages CXG to Acquire FINRA/SEC-Registered Broker-Dealer to Expand Publicly Traded RWA Tokenization Operations

bychainwire
14 July 2025
0

MultiBank Group Confirms $MBG Token TGE Set for July 22, 2025

bychainwire
11 July 2025
0

PEPESCAPE Launches Crypto Presale, Combining Memecoin Culture with Decentralized Finance Ecosystem

bychainwire
10 July 2025
0

$MBG Token Pre-Sale Set for July 15 — Only 7 million Tokens Available at $0.35

bychainwire
10 July 2025
0

Read More

ADVERTISING

ABOUT

TEAM

CAREERS

CONTACT

TERMS & CONDITIONS

PRIVACY POLICY

© Copyright 2025 DeFi Planet

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Please enter and activate your license key for Cryptocurrency Widgets PRO plugin for unrestricted and full access of all premium features.

Add New Playlist

No Result
View All Result
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer

© Copyright 2024 DeFi Planet   |   Terms & Conditions   |   Privacy Policy

-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00