GitHub found more than 35,000 clones of popular libraries with harmful elements

Users of GitHub, the largest open-source software platform, found over 35,000 clones of popular libraries infected with malicious software. This was reported by Kommersant, citing software developer Stephen Lacy, who first reported the problem and named it.

The international community considers the incident dangerous because users who do not verify what they download may be unable to distinguish a copy of the code from the original, and may use malicious libraries that infect their systems. It is also noted that introducing such code prevents users from receiving updates and significantly hampers the development of their own products based on open-source code. According to available data, some library clones, such as those for Python, contain defects that attackers may use to gain unauthorized access to data.

According to Pavel Korostelev, head of the product promotion department at Security Code, the threat is relevant to developers who use open-source code to build internal solutions. He noted that companies often check this code less carefully because how quickly the final product is delivered is an important factor. Dmitry Schmoylov, head of the security unit at Kaspersky Lab, believes that all developers using the relevant libraries may be affected.

As a reminder, since February of this year major Russian companies have noted a sharp increase in the number of malicious items in open-source software hosted in repositories. By June, their number was estimated to have increased by a factor of 20 compared with last year. In some cases such items may contain provocative content or calls for politically motivated action.