Thousands of PoC Exploits on GitHub are Laced with Malware, Study Shows

Vlad CONSTANTINESCU

October 24, 2022


Thousands of proof-of-concept (PoC) vulnerability exploits on GitHub are ridden with malware, according to a recent study by researchers at the Leiden Institute of Advanced Computer Science.

GitHub is popular among security experts who want to share their findings with the community. PoC repositories help cybersecurity researchers validate potential fixes for new vulnerabilities and perform security assessments in stable, controlled environments against known exploits.

While PoC exploits are also shared on dedicated websites, forums and communication platforms, code-hosting platforms like GitHub are often preferred in this situation. On the downside, GitHub’s public code repositories don’t guarantee the legitimacy of the PoC, its provenance, or its efficacy.

“Professional frameworks like Metasploit or reputable databases like Exploit-DB contain exploits for many CVEs, but not for all of them,” reads the researchers’ technical paper. “Pentesters then turn to Proof of Concept (PoC) exploits published in public code repositories like GitHub to see if they can find something they can use to exploit the issue and demonstrate the vulnerability.”

The study, led by Soufian El Yadmani, Robin The and Olga Gadyatskaya, highlights that 4,893 out of 47,313 (10.3%) analyzed repositories were laced with malware. Researchers analyzed traits like the presence of Trojanized binaries, obfuscated rogue code, and malicious IP address callbacks to determine if a repository intends to cause harm.

The research further revealed that the spiked PoC repositories had different scopes. Some hid malware and other harmful scripts, some tried to harvest data from users, while others pranked users to remind them of the perils of running a PoC without analyzing the code beforehand.

To avoid exposing themselves to malware-ridden PoC exploits, users should inspect the code thoroughly and run it in a controlled environment (sandbox, virtual machine) if obfuscated.
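A first-pass static triage for the three traits the study looked at (bundled binaries, long encoded literals, hardcoded public IP addresses), as an added example that is not the researchers' tooling or part of the original article. The regexes, length thresholds and sample contents are assumptions chosen for illustration.

```python
import base64, ipaddress, re
from pathlib import Path

# Heuristic patterns (assumed thresholds, tune for your own review process).
IPV4 = re.compile(rb"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
ENCODED = re.compile(rb"[A-Za-z0-9+/]{120,}={0,2}|(?:\\x[0-9a-fA-F]{2}){40,}")
MAGIC = {b"MZ": "PE binary", b"\x7fELF": "ELF binary"}

def scan_bytes(data):
    """Return findings for one file's contents, one string per finding."""
    findings = [f"bundled {kind}" for magic, kind in MAGIC.items()
                if data.startswith(magic)]
    for raw in sorted(set(IPV4.findall(data))):
        try:
            ip = ipaddress.ip_address(raw.decode())
        except ValueError:
            continue  # not a valid address, e.g. 999.1.1.1
        if ip.is_global:  # skip loopback, RFC 1918 and documentation ranges
            findings.append(f"hardcoded public IP {ip}")
    for blob in ENCODED.findall(data):
        findings.append(f"long encoded literal ({len(blob)} bytes)")
    return findings

def scan_repo(root):
    """Map relative path -> findings for every regular file under root."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and ".git" not in path.parts:
            hits = scan_bytes(path.read_bytes())
            if hits:
                report[str(path.relative_to(root))] = hits
    return report

# Constructed sample contents; not taken from any real repository.
SAMPLE_CLEAN = b'target = "192.168.56.10"\nprint("checking", target)\n'
SAMPLE_ODD = (b'blob = "' + base64.b64encode(b"A" * 120)
              + b'"\nurl = "http://8.8.8.8/collect"\n')

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:  # scan a cloned repository directory, read-only
        for name, hits in scan_repo(sys.argv[1]).items():
            print(name, hits)
    else:
        print(scan_bytes(SAMPLE_ODD))
```

Hits are prompts for manual review, not verdicts: dotted version strings can match the IP pattern, and a clean result says nothing about code these heuristics do not cover.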


Dedicated software like Bitdefender Ultimate Security can protect you against malicious PoC exploits and other cyberthreats thanks to its comprehensive library of features, which includes:

  • Continuous, real-time protection against viruses, worms, Trojans, zero-day exploits, rootkits, spyware, ransomware and other e-threats
  • Network threat prevention module that scans, detects and blocks malicious network-level activities
  • Behavioral detection technology that closely monitors active apps and takes instant action upon detecting suspicious activity
  • Vulnerability assessment module that scans your system for outdated and vulnerable software, outdated security patches and unsafe system settings, and suggests the best fix
