GitHub servers used to mine cryptocurrency

Service for hosting IT projects GitHub is investigating a series of attacks on its cloud infrastructure, which allowed unknown persons to use the company’s servers to extract cryptocurrency. Reported by The Record.

The attacks have continued since autumn 2020. Cybercriminals abuse the GitHub Actions feature infrastructure. It allows you to automate workflows when certain events, such as a Pull Request , occur in custom repositories on GitHub .

“The attack involves forking a legitimate GitHub repository, adding malicious actions to the source code, and then submitting a merge request to the original repository,” said security expert Justin Perdock.

The GitHub systems then read the malicious code and launch a virtual machine with cryptocurrency mining applications.

According to Perdock, in a single attack, attackers can deploy up to 100 cryptominers, creating huge computational loads for the GitHub infrastructure.

One of my repo’s just got hit with a similar attack. Account in question has a bunch of other open PR’s that currently have miners running.

– Justin Perdok (@JustinPerdok) April 2, 2021

GitHub representatives said that the incident did not affect user data and their repositories. The company is blocking the accounts of the attackers, but they are actively creating new accounts.

What do you think?

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

A group of cryptocurrency fraudsters have been uncovered in Georgia. Damage to victims amounted to € 620,000

“Inaudible Crash”: Why NFT Mania Could End As Quickly As It Started