By Catalin Cimpanu
. April 2, 2021
Code-hosting service GitHub is actively investigating a series of attacks against its cloud infrastructure that allowed cybercriminals to implant and abuse the company’s servers for illicit crypto-mining operations, a spokesperson told
The Record today.
The attacks have been going on since the fall of 2020 and have abused a GitHub feature called GitHub Actions, which allows users to automatically execute tasks and workflows once a certain event happens inside one of their GitHub repositories.
In a phone call today, Dutch security engineer Justin Perdok told
The Record that at least one threat actor is targeting GitHub repositories where GitHub Actions might be enabled.