GitHub Warns Of Hackers Targeting Developers With Malicious Projects
Github posted a security alert that warns its users of a social engineering campaign that is targeting developers:
GitHub has identified a low-volume social engineering campaign that targets the personal accounts of employees of technology firms, using a combination of repository invitations and malicious npm package dependencies. Many of these targeted accounts are connected to the blockchain, cryptocurrency, or online gambling sectors. A few targets were also associated with the cybersecurity sector. No GitHub or npm systems were compromised in this campaign.
And:
We assess with high confidence that this campaign is associated with a group operating in support of North Korean objectives, known as Jade Sleet by Microsoft Threat Intelligence and TraderTraitor by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Jade Sleet mostly targets users associated with cryptocurrency and other blockchain-related organizations, but also targets vendors used by those firms.
Ken Westin, Field CISO at Panther Labs, has this comment:
As organizations move to the cloud, they are also building custom applications. This makes source code repositories such as GitHub a hot target, as attackers can inject malicious code that enables them to compromise not only one organization, but multiple.
It’s pretty clear that this is yet another attack vector that threat actors are exploiting. Thus people who use GitHub and services like it need to be aware of it, so that they aren’t compromised by these threat actors.
This entry was posted on July 22, 2023 at 8:45 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.