Bitcoin.comcloud miningcrypto minersCrypto-Miningcryptojackingcyber attacksgithubGithub repositoryHackerssecurity

Hackers Target Github Server Infrastructure to Mine Cryptocurrencies

Github services is under investigation after a series of reports on attacks against one of its infrastructures by running unauthorized crypto mining apps. Cybercriminals allegedly exploited some security flaws that could have been exploited to mine cryptos illicitly.
Attacks Exploit ‘Github Actions’
According to The Record, a Dutch security engineer, Justin Perdok, detected a cyberattacker targeting repositories belonging to Github. Attacks have been taking place since November 2020, said the report.
Perdok pointed out that the series of attacks “abused a Github feature called Github Actions,” which allows users to automatically execute workflows and tasks only when a specific event happens and then pull the trigger on the repositories.
That said, threat actors are taking advantage of the repositories where Github Actions are already enabled. The Record provided details on how the attack takes place:
The attack involves forking a legitimate repository, adding malicious GitHub Actions to the original code, and then filing a Pull Request with the original repository in order to merge the code back into the original.
However, the engineer clarified that the attacker just needs to fill the “Pull Request” to deploy the malicious workflows. Once it’s loaded, Github’s systems will be cheated, as it will read the attacker’s code and then download a crypto-mining software automatically.

Story continues on Bitcoin.com

Related posts
Barter SmartplaceBitcoin.comDEXNFTSponsored

DEX Barter Smartplace Launch: A New Era of NFT Trade

At Barter Smartplace, collectors can use barter exchange as the best way to build a collection. Trade coins for paintings, sculptures for digital art, a 1960s car for a collection of several gold coins, and many more exchange options are…
Bitcoin.comBithumbcrypto exchangecyberattacksHacksLazarus Groupnorth koreanorth korean hackerssecurityU.S Department of Justice (DoJ)United States

North Korean Hackers Threatened Bithumb Exchange With a $16M Ransom Amid the 2017 Data Breach, Says Report

A new report commissioned by the U.S. secret services unveiled what happened behind the attack launched by North Korean hackers against a South Korean crypto exchange. The case is about a breach on June 29, 2017, which exposed data tied…
/r/btcAltcoinsBinanceBinance BTCB reserve balanceBinance CoinBinance SmartchainBitcoinBitcoin (BTC)Bitcoin-peggedBitcoin.comBlockstreamBNBBTCBTCBCryptoquantETHEthereumHBTCKi Young JuLBTCLiquidRenbtcRskSBTCsidechainWBTC

Bitcoin-Pegged Token Crafted by Binance Swells, BTCB Now Commands $2.3 Billion Market Cap

Over the last twelve months wrapped or synthetic bitcoin projects have swelled a great deal. The digital token called wrapped bitcoin, for example, has 141,503 WBTC in circulation today, but the token called the Bitcoin BEP 2 (BTCB) has gathered…