Hackers Target Github Server Infrastructure to Mine Cryptocurrencies

Mining cryptocurrencies has been a huge craze recently, especially after enormous corporations such as Tesla and even PayPal started accepting the cryptocurrency and have even made huge investments in it.

As such, people have raised their interest in mining cryptocurrencies; however, this comes at a cost, as you need heavy-duty hardware infrastructure to make it worthwhile.

As such, many individuals or groups out there attempt to find ways to take advantage of other infrastructure to do this, and GitHub is one of the latest victims.

Photo of the Git site

In fact, Github services are under investigation after a series of reports based on attacks against one of its infrastructures, which runs unauthorized crypto-mining apps were issued. Cybercriminals allegedly exploited a security flaw, which could have been exploited to mine cryptocurrencies illicitly.

Dutch Security Engineer Justin Perdok detected a cyberattack targeting repositories that belong to Github, and these sorts of hacking attacks have been taking place since November of 2020.

He even pointed out that the series of attacks abused a feature found on Github known as Github Actions.

This allows users to automatically execute workflows and tasks when only a specific event happens and then pull the trigger on the repositories.

That being said, threat actors are taking advantage of these repositories where Github Actions are already enabled.

The Record Media provided details on how this attack would take place:

“The attack involves forking a legitimate repository, adding malicious GitHub Actions to the original code, and then filing a Pull Request with the original repository in order to merge the code back into the original.”

According to Perdok, the attacker just needs to fill the Pull Request in order to deploy the malicious workflows, and once it is loaded, Github’s systems are cheated, as it would read the attacker’s code and download crypto-mining software. In fact, he even detected that almost 100 crypto-mining apps were deployed, including Srbminer, in a single attack with the intention of mining many cryptocurrencies.

Github said that they are aware of the issue and are actively investigating.

However, this is nothing new as there have been numerous other attempts to hack servers or even individual applications in user’s computers to mine cryptocurrencies. This new craze has everyone railed up, and as such, who knows what the future holds in terms of hacking attempts from people who just want to mine cryptocurrencies on other people’s hardware.

Manchester Cloud Hosting and Data Center Operator Teledata Launches New Premium Web Hosting Service  

For companies searching for a helpful approach to hosting their websites, Teledata, a Manchester-based cloud hosting and data center operator, has developed a premium web hosting solution.
1 min read
Sara Mirchevska
Sara Mirchevska
Hosting Expert

Cloud Computing Is To Reach A New All-Time High in 2022

In 2022, investment in traditional IT equipment for data centers will finally be surpassed by spending on shared cloud IT infrastructure. With corporate customers spending $18.3 billion on cloud computing and storage infrastructure in the first quarter of 2022, up 17.2%  year over year, spending on cloud services is likely to reach another critical tipping […]
2 min read
Sara Mirchevska
Sara Mirchevska
Hosting Expert

SiteGround’s New Data Center & CDN Location in Spain Deliver Faster Data Access and Reduced Networking Costs

SiteGround added a new data center facility in Madrid, Spain, to its global network on June 17, 2022. With less than a month of operation, the provider has confirmed the many benefits of a well-dispersed network and the importance of geography in web hosting.
3 min read
Sara Mirchevska
Sara Mirchevska
Hosting Expert

The Search Volume For Free Web Hosting Reaches Its All-Time High In 2022

As individuals adjust to the severe economic downturn and the cost-of-living issue, the combined search for free website builders and free web hosting has reached its highest level in over two years.
1 min read
Sara Mirchevska
Sara Mirchevska
Hosting Expert
HostAdvice.com provides professional web hosting reviews fully independent of any other entity. Our reviews are unbiased, honest, and apply the same evaluation standards to all those reviewed. While monetary compensation is received from a few of the companies listed on this site, compensation of services and products have no influence on the direction or conclusions of our reviews. Nor does the compensation influence our rankings for certain host companies. This compensation covers account purchasing costs, testing costs and royalties paid to reviewers.
Click to go to the top of the page
Go To Top