Hackers mined on GitHub servers

How Hackers mined cryptos using GitHub servers

Just when organizations thought that their servers were secure, at least from malware running on them, here’s a news of hackers getting access to the GitHub servers to mine crypto currencies . In crypto-world this is known crypto-jacking.

• Who : GitHub.com (a software version control platform using git)
• How long has it been going on : Since the fall of 2020
• What functionality was abused : GitHub Actions
• What was the exploit : When a certain event happens in the GitHub repos (eg: a pull request), GitHub Actions allows users to execute workflows and tasks automatically.
• Implications : Hackers could potentially run up to 100 threads, which causes a huge server overload. There are no known threats to the GitHub users — only to GitHub’s infrastructure.
• How was it detected: Security Analysts found some users with hundreds of pull request in a short span of time — and these contained some malicious code.

Links and More

Read the story here.

Link to technical write-up on this story here.

Link to githubs automated workflow and how it works .