The Curious Case of the Triton Malware Fork

brennan.day

Today, a weird malware distribution campaign targeting users of omg.lol and Triton, an open-source macOS client of omg.lol, was found. The attack leverages the trust of GitHub, creating a malicious fork where the download link has been replaced with malware hidden in presented .zip file.

4 pages link to this URL

Mã độc Triton giả mạo tấn công: Nguy hiểm từ GitHub - AdSecVN

AdSecVN Feb 18, 2026

Một phiên bản giả mạo của ứng dụng macOS hợp pháp Triton đã xuất hiện trên GitHub, lợi dụng các

1 inbound link article vi Cyber Attacks mã độcxâm nhập mạngphát hiện xâm nhập

Malicious Fork of Legitimate Triton App Discovered on GitHub, Exposing New Malware Threat

GBHackers Security | #1 Globally Trusted Cyber Security News Platform Mayura Kathir Feb 17, 2026

Attackers have weaponized a malicious fork of the legitimate Triton macOS client for omg.lol, turning a trusted open-source project into a delivery channel for Windows malware.

1 inbound link article en cyber securityCyber Security NewsGitHubMalware cyber securityCyber Security NewsMalware

Malware in the Wild as Malicious Fork of Legitimate Triton App Surfaces on GitHub

simplysecuregroup.com Feb 17, 2026

1 inbound link en

Malware in the Wild as Malicious Fork of Legitimate Triton App Surfaces on GitHub

Cyber Security News Tushar Subhra Dutta Feb 17, 2026

A fake Triton macOS fork on GitHub redirected users to a ZIP with Windows malware hidden in an Xcode colorset folder.

1 inbound link article en Cyber Security News cyber securitycyber security news