![open source scanner for malware open source scanner for malware](https://www.tecmint.com/wp-content/uploads/2018/08/Lynis-Linux-Security-Auditing-Tool.png)
![open source scanner for malware open source scanner for malware](https://sdtimes.com/wp-content/uploads/2019/09/scan-3963099_640-1.jpg)
If malware developers took the time to implement this malware specifically for NetBeans, it means that it could either be a targeted attack, or they may already have implemented the malware for build systems such as Make, MsBuild, Gradle and others as well and it may be spreading unnoticed.” “It was interesting that this malware attacked the NetBeans build process specifically since it is not the most common Java IDE in use today.
![open source scanner for malware open source scanner for malware](https://blog.koddos.net/wp-content/uploads/2020/06/Octopus-Scanner-Malware-Spreads-Among-Open-Source-Developers.jpg)
“There is a huge potential for escalation of access, which is a core attacker objective in most cases.” “Since the primary-infected users are developers, the access that is gained is of high interest to attackers since developers generally have access to additional projects, production environments, database passwords, and other critical assets,” said GitHub security researcher Alvaro Muñoz. There were 26 repositories affected in total. It would also prevent any new project builds from replacing the infected one to ensure that malicious build's artifacts remained in place. The payload ensured local system persistence and would then spawn a remote administration tool (RAT) which connected to a set of command and control (C2) servers.
#OPEN SOURCE SCANNER FOR MALWARE ARCHIVE#
Octopus Scanner would ensure that every time a project was built, Java Archive (JAR) files got infected with a dropper, which drops something to the filesystem to execute.