Segev Sherry, the developer of the Dory app, has been targeted by a scam on GitHub, where fraudsters created fake accounts and apps resembling his work, aiming to distribute malware. These scammers exploit GitHub by creating fake repositories and mimicking genuine apps to deceive users. The original Dory app costs €10, but malicious actors have been using clone versions to trick unsuspecting consumers. \n\nThis incident is part of a broader pattern of GitHub-based scams, where attackers set up fake issues with security alert themes to lure users into clicking malicious links or authorizing harmful OAuth apps. Victims often think they are downloading the app from legitimate sources, not realizing the hidden dangers.\n\nMeasures to protect yourself include verifying app authenticity, avoiding direct clicks on security alert emails, checking OAuth permissions carefully, and ensuring you download only from official repositories. \n\nIt’s crucial to report any suspicious accounts or activities to GitHub promptly. Stay vigilant and protect your data from potential threats.\n\nFor more details, you can visit the full article: [Help Net Security Message](https://www.helpnetsecurity.com/2025/03/17/github-project-maintainers-targeted-with-fake-security-alert/)
