GitHub reveals cunning plan to identify malware and exploits hosted on platform


GitHub, arguably the most popular repository for hosting open source software, has updated its guidelines to prevent the use of the platform for hosting malware and exploits.

The process began in April when GitHub asked the cybersecurity community for feedback on its new policy regarding the use of the platform in malicious campaigns.

Based on the feedback, GitHub has just announced the new terms, which give it the power to act against repositories that assist malicious campaigns and prohibit the use of the platform to assist such campaigns in any way.


“We have clarified how and when we may disrupt ongoing attacks that are leveraging the GitHub platform as an exploit or malware content delivery network (CDN),” reads one of the terms of GitHub’s new policy.

GitHub policy

The need to update the usage terms was highlighted when the platform removed a security researcher’s proof-of-concept (PoC) exploit for the ProxyLogon vulnerability in Microsoft Exchange email servers.

Many alleged that Microsoft-owned GitHub took the step at the behest of its corporate owners. However, GitHub maintained that hosting PoCs for vulnerabilities currently being exploited in the wild was against its policies.

In the new policy, GitHub has now specifically said it will allow the hosting of dual-use PoCs. Bleeping Computer describes dual-use as content that can be used positively by security researchers on the one hand, and by threat actors for malicious purposes on the other.

“We explicitly permit dual-use security technologies and content related to research into vulnerabilities, malware, and exploits,” GitHub explained. 

The company added that this change reins in the broad language used earlier and is worded specifically to show that the platform welcomes PoC code.

Via Bleeping Computer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.