Fake Microsoft Office add-in tools push malware via SourceForge

Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims' computers to both mine and steal cryptocurrency. SourceForge.net is a legitimate software hosting and distribution platform that also supports version control, bug tracking, and dedicated forums/wikis, making it very popular among open-source project communities. Although its open project submission model gives plenty of margin for abuse, actually seeing malware distributed through it is a rare occurrence. The new campaign spotted by Kaspersky has impacted over 4,604 systems, most of which are in Russia. While the malicious project is no longer available on SourceForge, Kaspersky says the project had been indexed by search engines, bringing traffic from users searching for "office add-ins" or similar. SourceForge page hosting the malware on search results Source: Kaspersky Fake Office add-ins The "officepackage" project presents itself as a collection of Office Add-in dev ... Read full article.