EtherRAT Campaign Spoofs GitHub Tools to Infect Admins
Trusted Tools Turned Threats: Inside the EtherRAT GitHub Spoofing Campaign

As an independent cybersecurity blogger and part-time penetration tester, I see this campaign as highlighting one of the most dangerous trends in modern attacks:

Attackers are no longer breaking into systems. They are inviting themselves in through trust.

The EtherRAT campaign takes advantage of something every IT professional relies on daily: trusted administrative tools and GitHub repositories. By weaponizing familiarity, attackers are achieving stealth, persistence, and scale.

What Happened: EtherRAT Distributed via Spoofed GitHub Repositories

Researchers uncovered a sophisticated campaign distributing EtherRAT malware through fake GitHub repositories designed to mimic legitimate administrative tools.

The attack leverages:

- SEO poisoning to rank malicious repositories in search results
- Fake GitHub “facade” repositories with professional-looking content
- Hidden secondary repositories delivering the act...