Shutterstock 177668495 Compressor

Have you heard about 'Octopus Scanner', a dangerous strain of malware targeting developers on Github? Github has stated: "Since the primary-infected users are developers, the access that is gained is of high interest to attackers since developers generally have access to additional projects, production environments, database passwords, and other critical assets. There is a huge potential for escalation of access, which is a core attacker objective in most cases."

GitHub has uncovered a form of malware that spreads via infected repositories on its system. It has spent the last ten weeks unpicking what it describes as a form of “virulent digital life”.

The malware is called the Octopus Scanner, and it targets Apache NetBeans, which is an integrated development environment used to write Java software. In its write-up of the attack, the GitHub Security Labs team explains how the malware lurks in source code repositories uploaded to its site, activating when a developer downloads an infected repository and uses it to create a software program.