Mining cryptocurrencies has been a huge craze recently, especially after enormous corporations such as Tesla and even PayPal started accepting the cryptocurrency and have even made huge investments in it.
As such, people have raised their interest in mining cryptocurrencies; however, this comes at a cost, as you need heavy-duty hardware infrastructure to make it worthwhile.
As such, many individuals or groups out there attempt to find ways to take advantage of other infrastructure to do this, and GitHub is one of the latest victims.
In fact, Github services are under investigation after a series of reports based on attacks against one of its infrastructures, which runs unauthorized crypto-mining apps were issued. Cybercriminals allegedly exploited a security flaw, which could have been exploited to mine cryptocurrencies illicitly.
Dutch Security Engineer Justin Perdok detected a cyberattack targeting repositories that belong to Github, and these sorts of hacking attacks have been taking place since November of 2020.
He even pointed out that the series of attacks abused a feature found on Github known as Github Actions.
This allows users to automatically execute workflows and tasks when only a specific event happens and then pull the trigger on the repositories.
That being said, threat actors are taking advantage of these repositories where Github Actions are already enabled.
The Record Media provided details on how this attack would take place:
“The attack involves forking a legitimate repository, adding malicious GitHub Actions to the original code, and then filing a Pull Request with the original repository in order to merge the code back into the original.”
According to Perdok, the attacker just needs to fill the Pull Request in order to deploy the malicious workflows, and once it is loaded, Github’s systems are cheated, as it would read the attacker’s code and download crypto-mining software. In fact, he even detected that almost 100 crypto-mining apps were deployed, including Srbminer, in a single attack with the intention of mining many cryptocurrencies.
One of my repo’s just got hit with a similar attack. Account in question has a bunch of other open PR’s that currently have miners running. https://t.co/PZxApykuO9 pic.twitter.com/zugl7mFK0K
— Justin Perdok (@JustinPerdok) April 2, 2021
Github said that they are aware of the issue and are actively investigating.
However, this is nothing new as there have been numerous other attempts to hack servers or even individual applications in user’s computers to mine cryptocurrencies. This new craze has everyone railed up, and as such, who knows what the future holds in terms of hacking attempts from people who just want to mine cryptocurrencies on other people’s hardware.
