Malware hosted on Google Code project site

Malicious hackers are using the Google Code repository to host Trojans horses, backdoors and password stealing keyloggers

Malicious hackers are using the Google Code repository to host Trojans horses, backdoors and password stealing keyloggers, according to researchers at Zscaler.

The researchers found a malicious project hosted on the free Google Code site with about 50+ malware executables stored in the download section of the project.

According to Zscaler's Umesh Wanve, most of the files are executable files along with zipped “.rar” files.

The time stamps show that the files have been uploaded over the course of the last month. This suggests that an attacker is actively using this free service to spread malware.

Wanve said the first malicious file was uploaded on June 24, 2010 and was still active at the end of August this year, proving that Google is slow to find and remove malicious projects.

Threatpost's Paul Roberts reports that the site has since been scrubbed.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All