Some of Our Sources
- Mashable
- Joshua Blankenship
- Six Revisions
- Web Designer Depot
- Noupe
- Web Design Ledger
- Reencoded
- 24 Ways
- Stylized Web
- Daily Now
Help Webnuz
Referal links:
April 5, 2021 07:34 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/4XrxDd6sX8Q/github-is-investigating-crypto-mining-campaign-abusing-its-server-infrastructure
GitHub is Investigating Crypto-mining Campaign Abusing Its Server Infrastructure
An anonymous Slashdot reader shared this report from The Record:Code-hosting service GitHub is actively investigating a series of attacks against its cloud infrastructure that allowed cybercriminals to implant and abuse the company's servers for illicit crypto-mining operations, a spokesperson told The Record today. The attacks have been going on since the fall of 2020 and have abused a GitHub feature called GitHub Actions, which allows users to automatically execute tasks and workflows once a certain event happens inside one of their GitHub repositories. In a phone call today, Dutch security engineer Justin Perdok told The Record that at least one threat actor is targeting GitHub repositories where GitHub Actions might be enabled. The attack involves forking a legitimate repository, adding malicious GitHub Actions to the original code, and then filing a Pull Request with the original repository in order to merge the code back into the original. But the attack doesn't rely on the original project owner approving the malicious Pull Request. Just filing the Pull Request is enough for the attack, Perdok said. The Dutch security engineer told us attackers specifically target GitHub project owners that have automated workflows that test incoming pull requests via automated jobs. Once one of these malicious Pull Requests is filed, GitHub's systems will read the attacker's code and spin up a virtual machine that downloads and runs cryptocurrency-mining software on GitHub's infrastructure. Perdok, who's had projects abused this way, said he's seen attackers spin up to 100 crypto-miners via one attack alone, creating huge computational loads for GitHub's infrastructure. The attackers appear to be happening at random and at scale. Perdok said he identified at least one account creating hundreds of Pull Requests containing malicious code.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/4XrxDd6sX8Q/github-is-investigating-crypto-mining-campaign-abusing-its-server-infrastructure
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot