The repository contains a compiled binary (e.g., an .exe or .apk file) disguised as a Yape tool. When executed, it installs infostealers like RedLine, Vidar, or even ransomware. Because GitHub is often trusted by antivirus software, these files often slip through initial scans.

Do not use in production. Do not use in development. Maybe use as a coaster for your coffee mug.

Some repositories, like jprada1984/YapeFake , are created to demonstrate how scammers can generate fake QR codes or transaction screens. These projects often warn users to always verify transactions directly in the official app rather than trusting a customer's screen.

The script asks the user to input their Yape phone number, password, and sometimes even their DNI (Peruvian ID). Instead of generating free money, it sends those credentials directly to a Telegram bot or a remote server controlled by the attacker.