Connect with us

Hi, what are you looking for?

Cryptocurrency

Hackers Target Github Server Infrastructure to Mine Cryptocurrencies – Security Bitcoin News

Github’s services are under investigation following a series of reports of attacks on one of its infrastructures by launching unauthorized cryptomining applications. Cybercriminals have reportedly exploited certain vulnerabilities that could have been used to mine illegal cryptographic material.

Attacks Gitube Actions

According to The Record, Dutch security engineer Justin Perdock discovered a Github cyber repository. The attacks have taken place since November 2020, the report said.

Perdok noted that the series of attacks abused a Github feature called Github Actions, which allows users to automatically run workflows and tasks only when a specific event occurs, and then press the trigger on repositories.

To do this, threat actors use repositories that already contain Github actions. The files contain details of how the attack took place:

The attack consists of manipulating a legitimate repository, adding malicious GitHub actions to the source code, and then submitting a pull request to the source repository to reinsert the code into the source code.

However, the engineer explained that to implement malicious workflows, an attacker only needs to complete a takedown request. Once downloaded, Github systems are tricked by reading the attacker’s code and then automatically downloading the crypto software.

100 crypto-mining applications used in a single attack

But the malicious campaign is proving more powerful than it seems, as Perdok told Reported that it has already discovered hackers using nearly 100 crypto-currency mining apps – like Srbminer – in a single attack to mine multiple crypto-currency variants.

However, the attack does not appear to pose a threat to the projects of the platform’s users.

Gitube has already responded to the issue, stating that it is aware of the problem and is actively looking into it. However, Perdok said Github gave him the same feedback last year when he reported the bug.

What do you think about this vulnerability in the Gitub infrastructure? Let us know your comments in the section below.

Photo credit: Shutterstock, Pixabay, Wiki Commons

Denial: This article is for information only. It is not a direct offer or invitation to buy or sell, nor is it a recommendation or endorsement of a product, service or company. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author shall be liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services referred to in this article.

Related Tags:

is bitcoin safenew cryptocurrencyhow much are bitcoins worthcryptocurrency prices,People also search for,Privacy settings,How Search works,is bitcoin safe,new cryptocurrency,how much are bitcoins worth,cryptocurrency prices

Advertisement

You May Also Like

Cryptocurrency

Activity in cryptocurrencies seems to be losing momentum, especially when it comes to Monero mining, as a recent report suggests a slowdown in illegal...

Cryptocurrency

While gambling is no stranger to the blockchain, poker’s appeal to players has only increased as poker sites accept bitcoin and Covid-19 increasingly promotes...

Cryptocurrency

The former South Korean social media giant is still making good on its promise to revive the company through the cryptocurrency sector. A local...

Cryptocurrency

There is no end to the speculation about how long the current rise will continue, as bitcoin is now a constant news story, even...