Tuesday, December 3, 2024
HomecryptocurrencyHackers Abusing GitHub Infrastructure To Mine Cryptocurrency

Hackers Abusing GitHub Infrastructure To Mine Cryptocurrency

Published on

SIEM as a Service

The IT service management portal, GitHub, is actively reviewing a series of attacks, as the threat actors are rigorously abusing the infrastructure and the servers of GitHub to mine cryptocurrency. 

However, it’s not the first time when GitHub was attacked or abused, as this kind of activity was being reported since the end of 2020.

According to the report, hackers are abusing one of the well-known features of GitHub to mine. This feature generally enables the users to automatically administer all its required tasks and workflows after an event take place inside the GitHub repositories.

- Advertisement - SIEM as a Service

Forking a Legitimate Repository

After investigating the whole matter, the Dutch security engineer Justin Perdok pronounced in a report that the threat actors had attacked the GitHub infrastructure to mine cryptocurrency.

The attacks that have been initiated by the threat actors initially involves the separation of the legitimate repository, which was enabled through GitHub actions.

After enabling the GitHub actions, the hackers now injects all kind of malicious code in a separated version. Soon after, the threat actors file a pull request for the primary repository maintainers so that the hackers can later merge the code back.

Hackers Abusing GitHub’s Own servers 

Apart from this, the hackers have nearly collected up to 100 crypto-miners only with one attack, as reported by the Dutch security engineer Justin Perdok.

Hackers were using strong methods that are putting large influence on GitHub; that’s why the attacks were creating large computational loads that were becoming hard to handle for GitHub’s infrastructure.

However, Justin Perdok asserted that the attackers were still anonymous, and the attacks that were being initiated by the hackers were occurring at a random scale.

After a proper investigation, Justin Perdok recognised that one account is creating hundreds of Pull Requests that are containing malicious code.

But, GitHub was aware of this activity, and they are still actively investigating the attacks; and soon, they will publish further detailed information on the matter.  

As we said above that this isn’t the first time when GitHub gets abused, and there is not only GitHub, as there are many other companies that have encountered such attacks. That’s why GitHub is still investigating the attack to know all its core information.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts

Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated...

Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms

Cybercriminals are leveraging AI-powered phishing attacks, website cloning tools, and RCE exploits to target...

Hackers Exploited Windows Event Logs Tool log Manipulation, And Data Exfiltration

wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By...

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Understanding Crypto Macroeconomic Factors: Navigating Inflation, Rates, And Regulations 

Diving into the world of cryptocurrencies, I've found it's a fascinating intersection of technology...

Crypto Network Security: Essential Tips To Protect Your Digital Assets In 2023 

Exploring the world of cryptocurrencies has been a thrilling journey for me. The allure...

Maximise Crypto Mining Profitability: Strategies For Success In 2023 

Diving into the world of crypto mining has always intrigued me. The allure of...