Watch the stream
A new era of malware distribution is here, where “ghost”/bot accounts spread malicious links across multiple platforms. The Ghost Network is a sophisticated operation that uses fake and compromised accounts to act in a legitimate way while spreading and promoting malware. The first discovered Ghost Network operates on GitHub. The operator behind Stargazers Ghost Network controls over 30,000 GitHub accounts, driving rapid infections and generating significant profits in a remarkably short period. What makes this operation particularly dangerous is its ability to bypass platform defenses, minimizing the impact of any countermeasures imposed by GitHub. The continuous activity and low downtime of the distribution process allow the malware campaign to persist with little interruption. The great success of the original GitHub-based Ghost Network has spurred its expansion to multiple other popular online platforms, significantly broadening the reach of this insidious malware distribution method and making it harder to contain.