Malicious Actors Distribute Cryptocurrency Miners and Clippers via SourceForge

Malicious actors have been observed distributing malicious payloads such as cryptocurrency mining software and clippers via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. A project named "officepackage" on the main site sourceforge.net appears harmless, containing add-ons for Microsoft Office copied from a legitimate source. However, these files are actually malware designed to mine cryptocurrencies and steal sensitive information.