Hackers target Github server infrastructure to mine cryptocurrencies
Github services are under investigation after a series of reports against attacks against one of its infrastructures by running unauthorized crypto mining applications. Cybercriminals allegedly exploited some security holes that could have been exploited to mine crypto illicitly.
Attacks exploit 'Github Actions '
According to The Record , a Dutch L ' Security Engineer Justin Perdok has detected a cyberattacker targeting repositories owned by Github. Attacks have taken place since November 2020, the report says.
Perdok pointed out that the series of attacks "abused a Github feature called Github Actions", which allows users to automatically run workflows and tasks only when a specific event occurs, then pull the trigger on the repositories.
That said, the threat actorstake advantage of repositories where Github actions are already activated. The recording provided details of how the attack takes place:
However, the engineer clarified that the attacker just needs to complete the "Pull Request" to deploy malicious workflows. Once loaded, Github's systems will be cheated, as it will read attacker code and then automatically download crypto mining software.
100 crypto mining apps deployed in a single attack
But the malicious campaign appears to be powerful than expected, as Perdok told Reported it had already detected hackers deploying nearly 100 crypto-mining applications - such as Srbminer - in a single attack to mine multiple cryptocurrencies.
However, the attack does not appear to pose any danger to user projects.eurs on the platform.
Github has already commented on the matter, saying it is aware of the issue and is "actively investigating". However, Perdok said Github provided him with the same comment last year when he reported the flaw.
What do you think of this flaw in the Github infrastructure? Let us know in the comments section below.