Start your day with intelligence. Get The OODA Daily Pulse.
Informing your decisions with actionable intelligence
Start your day with intelligence. Get The OODA Daily Pulse.
Informing your decisions with actionable intelligence
GitHub Actions and Azure virtual machines (VMs) are being leveraged for cloud-based cryptocurrency mining, indicating sustained attempts on the part of malicious actors to target cloud resources for illicit purposes. “Attackers can abuse the runners or servers provided by GitHub to run an organization’s pipelines and automation by maliciously downloading and installing their own cryptocurrency miners to gain profit easily,” Trend Micro researcher Magno Logan said in a report last week. GitHub Actions (GHAs) is a continuous integration and continuous delivery (CI/CD) platform that allows users to automate the software build, test, and deployment pipeline. Developers can leverage the feature to create workflows that build and test every pull request to a code repository, or deploy merged pull requests to production. Both Linux and Windows runners are hosted on Standard_DS2_v2 virtual machines on Azure and come with two vCPUs and 7GB of memory. The Japanese company said it identified no fewer than 1,000 repositories and over 550 code samples that are taking advantage of the platform to mine cryptocurrency using the runners provided by GitHub. The Microsoft-owned code hosting service has been notified of the issue.
Full story : Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs
Informing your decisions with actionable intelligence
Informing your decisions with actionable intelligence