Popular developer platform GitHub encountered a malware attack and reported 35,000 “code hits” on a day that also saw thousands of Solana-based wallets drained for millions of dollars.
The widespread attack was revealed by GitHub developer Stephen Lucy. Stephen, who first reported the incident on Wednesday, came across the issue while studying a project he found through a Google search.
To deceive developers and access critical data, the attacker first makes a fake repository. This repository retains all of the project’s files and each file’s revision history. Afterward, the attacker pushes clones of legitimate projects to GitHub. For instance, the following two images illustrate this legitimate crypto miner project and its clone.
The majority of these clone repositories were pushed as “pull requests,” which allow developers to tell others about modifications they have pushed to a branch in a repository on GitHub.
Once a developer falls victim to the malware attack, the entire set of environment variables (ENV) of the script, application, or laptop (Electron apps) is sent to the attacker’s server. The ENV comprises security keys, Amazon Web Services access keys, crypto keys, and other critical information.
The developer has reported the issue to GitHub. He also advised other developers to GPG-sign the revisions they make to a repository. GPG keys add an additional layer of security to GitHub accounts and software projects by providing a way to verify that all revisions come from an authorized source. Following Stephen’s report of the attack, GitHub responded and cleaned up most of the code hits.
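To make the GPG-signing advice checkable, the following added example (not from the original article or from GitHub) audits a repository's history for commits that lack a valid signature, using git's documented `%G?` status codes. The `SAMPLE` log lines, names and hashes are constructed, and accepting only status `G` is an assumption of this example.

```python
import subprocess

# Meanings of git's %G? signature status codes (see the git-log documentation).
STATUS = {
    "G": "good signature",
    "B": "bad signature",
    "U": "good signature, unknown validity",
    "X": "good signature, expired",
    "Y": "good signature, made by an expired key",
    "R": "good signature, made by a revoked key",
    "E": "signature cannot be checked (e.g. missing key)",
    "N": "no signature",
}
TRUSTED = {"G"}  # assumption: only fully valid signatures are accepted
FORMAT = "%H%x09%G?%x09%an%x09%s"  # sha, status, author name, subject (tab-separated)

def git_log(repo=".", rev_range="HEAD"):
    """Return the tab-separated log for rev_range in a local clone."""
    cmd = ["git", "-C", repo, "log", f"--format={FORMAT}", rev_range]
    return subprocess.run(cmd, check=True, capture_output=True, text=True).stdout

def audit(log_text):
    """List (short_sha, reason, author, subject) for every untrusted commit."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        parts = line.split("\t", 3)
        if len(parts) != 4:
            findings.append((line[:12], "malformed log line", "", ""))
            continue
        sha, code, author, subject = parts
        if code not in TRUSTED:
            reason = STATUS.get(code, f"unknown status {code!r}")
            findings.append((sha[:12], reason, author, subject))
    return findings

# Constructed sample: the author name is unsigned metadata that a cloned
# history can reuse, so only the signature status distinguishes these commits.
SAMPLE = "\n".join([
    "a" * 40 + "\tG\tAlice Maintainer\tRelease 1.4.2",
    "b" * 40 + "\tN\tAlice Maintainer\tUpdate build script",
    "c" * 40 + "\tE\tAlice Maintainer\tBump dependencies",
    "d" * 40 + "\tB\tBob Contributor\tFix typo in README",
])

if __name__ == "__main__":
    for sha, reason, author, subject in audit(SAMPLE):
        print(f"{sha}  {reason:<45} {author}: {subject}")
```

On a real clone, pass `git_log(path, "main..feature-branch")` to `audit` to review only the commits a pull request would introduce.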