Attackers Create Synthetic Security Researchers to Steal IP

In May, an unidentified threat group created a fake GitHub repository containing a non-existent exploit for the Signal messaging app, and bolstered it with a misleading security company named “High Sierra Cyber Security”. Threat intelligence firm VulnCheck observed that the actors put an unusual level of effort into crafting the deception. The attack mirrored previous campaigns that targeted security researchers through social engineering, suggesting an attempt to gain access to cybersecurity research or zero-day exploits. This type of attack can compromise the trust placed in software packages that come from seemingly reliable sources.