Phishing campaign using the lure of GitHub Jobs, targeting developers from the crypto sphere via phishing emails sent through the use of comments on GitHub issues and pull requests.
title: Helopbs GitHub Phishing Kit 03d6d129
description: |
Phishing campaign using the lure of GitHub Jobs, targeting developers
from the crypto sphere via phishing emails sent through the use of
comments on GitHub issues and pull requests.
references:
- https://urlscan.io/result/03d6d129-667b-4f8e-b762-ddd432fed168
- https://twitter.com/realScamSniffer/status/1760124587298488508
detection:
pageTitle:
title: 'GitHub - Join the team accelerating human progress through developer collaboration.'
scriptFunctions:
js|contains|all:
- 'function Github()'
- 'function Redirect()'
- 'function isDevToolsOpened()'
condition: pageTitle and scriptFunctions
tags:
- target.github
- threat_actor.helopbs