You walk into the biggest library in the world, search for a copy of “Harry Potter,” and instead of finding the real volume, you pick up a clone that looks just like it and feels just like it, but contains a little gadget that swipes your wallet as soon as you crack it open. That is, essentially, what just befell GitHub, the world’s most important storehouse for software code. In an extraordinary act of automated malevolence, bad actors inundated the platform with millions of bogus repositories in a highly elaborate “typo-squatting” scheme. The goal? To plant malicious code that steals Multi-Factor Authentication (MFA) tokens and session cookies by coaxing developers into downloading it.
The Mechanics of Typo-Squatting
Typo-squatting is an online deception strategy as old as the web itself, but in this case it has been weaponized on an industrial scale. The attackers set up repositories with names agonizingly similar to those of well-known, legitimate software packages. If a developer intended to type “react-dom” but accidentally skipped a key and typed “reac-dom,” they would land on the attacker’s page.
Because GitHub is a trusted environment — a “safe space” for developers — people let their guard down. If it’s on GitHub and has a couple of stars, it must be OK, they assume. The attackers exploited this trust. The trap is sprung the moment the victim interacts with the fake repo.
The “Quishing” Twist
What makes this attack especially nasty is that it also involves “Quishing,” QR code phishing. Scattered among the fake repositories were prompts or README files instructing users to scan a QR code that would supposedly “verify” their device or unlock access to premium documentation.
At restaurants, at parking meters, at events — we’ve been conditioned to scan QR codes without question. But a QR code is really only a URL in disguise. By scanning these codes with a mobile device, the victim often circumvented corporate firewalls protecting the desktop computer and was led to a phishing site designed to collect their login credentials. It avoids the heavy security on your laptop and goes after the phone in your pocket.
The Scale and the Defense
The sheer scope of this attack (millions of repos) makes it clear that the attackers were using AI to generate the fake code and names. It was the machine-gun approach to hacking. But GitHub fought fire with fire. The platform deployed its own AI-driven scanning to find and take down these repos in real time.
It’s a digital arms race. As attackers use Large Language Models (LLMs) to churn out highly convincing fake code and documentation faster than humans can write it, defenders like GitHub must turn their own AI on the patterns that give a campaign away: thousands of repos created from the same IP address, or harboring identical malicious snippets. This is a wake-up call: open source is the bedrock of the modern internet, and that foundation is being chipped away at by automated saboteurs. Double-check the spelling before you hit clone.
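The two tells named above, many repositories created from one source address in a short burst and many repositories carrying the same payload, are both easy to express as detection rules over creation events. The Python below is an added example, not GitHub's own detection logic: it runs both rules over a handful of constructed audit events (the field names `owner`, `repo`, `source_ip`, `created_at` and `readme`, the RFC 5737 test-net addresses, and the thresholds are all assumptions) and returns the repositories that trip either one.

```python
from __future__ import annotations

import hashlib
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed repository-creation events standing in for a platform audit log.
# Four of them mimic a burst of look-alike repos sharing one README; the rest are benign noise.
EVENTS = [
    {"owner": "alice", "repo": "react-dom-utils", "source_ip": "203.0.113.7",
     "created_at": "2024-02-28T10:00:00Z", "readme": "Helpers for react-dom."},
    {"owner": "bot001", "repo": "reac-dom", "source_ip": "198.51.100.23",
     "created_at": "2024-02-28T10:01:00Z", "readme": "Scan the QR code to verify your device."},
    {"owner": "bot002", "repo": "lodahs", "source_ip": "198.51.100.23",
     "created_at": "2024-02-28T10:01:30Z", "readme": "Scan the QR code to verify your device."},
    {"owner": "bot003", "repo": "reqeusts", "source_ip": "198.51.100.23",
     "created_at": "2024-02-28T10:02:00Z", "readme": "Scan   the QR code to verify your device."},
    {"owner": "bot004", "repo": "expres", "source_ip": "198.51.100.23",
     "created_at": "2024-02-28T10:02:10Z", "readme": "SCAN the QR code to verify your device."},
    {"owner": "carol", "repo": "numpy-plots", "source_ip": "192.0.2.44",
     "created_at": "2024-02-28T10:05:00Z", "readme": "Plot helpers for numpy."},
    {"owner": "dave", "repo": "old-repo", "source_ip": "198.51.100.23",
     "created_at": "2024-02-28T12:30:00Z", "readme": "Unrelated project."},
]


def parse_ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def content_fingerprint(text: str) -> str:
    """Hash of the README after collapsing whitespace and case, so trivially
    re-spaced or re-cased copies of one template still collide."""
    canon = " ".join(text.lower().split())
    return hashlib.sha256(canon.encode()).hexdigest()[:16]


def burst_creators(events, window=timedelta(minutes=10), threshold=3):
    """Rule 1: {source_ip: [owner/repo, ...]} for addresses that created at least
    `threshold` repos inside any sliding `window`. Repos outside every burst are ignored."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["source_ip"]].append((parse_ts(e["created_at"]), f'{e["owner"]}/{e["repo"]}'))
    flagged = {}
    for ip, items in by_ip.items():
        items.sort()
        hits, start = set(), 0
        for end in range(len(items)):
            while items[end][0] - items[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                hits.update(name for _, name in items[start:end + 1])
        if hits:
            flagged[ip] = sorted(hits)
    return flagged


def duplicate_payloads(events, min_repos=3):
    """Rule 2: {fingerprint: [owner/repo, ...]} for README content shared by at least `min_repos` repos."""
    by_hash = defaultdict(list)
    for e in events:
        by_hash[content_fingerprint(e["readme"])].append(f'{e["owner"]}/{e["repo"]}')
    return {h: sorted(r) for h, r in by_hash.items() if len(r) >= min_repos}


def suspicious_repos(events):
    """Union of both rules: every repo that trips the burst rule or the duplicate rule."""
    names = set()
    for repos in burst_creators(events).values():
        names.update(repos)
    for repos in duplicate_payloads(events).values():
        names.update(repos)
    return sorted(names)


if __name__ == "__main__":
    print("burst creators:", burst_creators(EVENTS))
    print("duplicate payloads:", duplicate_payloads(EVENTS))
    print("suspicious:", suspicious_repos(EVENTS))
```

On real volumes the thresholds would be far higher and the fingerprint would cover more than the README (file tree, install scripts, embedded URLs), but the shape is the same: group by origin, group by content, and treat the intersection of the two as high-confidence rather than waiting for each repo to be reported one at a time.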
