Devs, be careful what you plug in: GitHub security breach was apparently facilitated by a 'poisoned Visual Studio Code extension'
A full incident report is on the way.
GitHub, arguably the place for developers to store and share code, has been the target of a cyberattack. The Microsoft-owned platform reported on Tuesday that its internal repositories experienced unauthorised access, although it does not appear to have exposed customer information outside of that.
"Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only," GitHub shared most recently on X. "The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far."
The attack reportedly took place via a compromised employee device "involving a poisoned [Visual Studio] Code extension." GitHub did not name the specific developer extension that was leveraged in the breach, nor the attacker. GitHub continues, "We removed the malicious extension version, isolated the endpoint, and began incident response immediately."
Placing backdoors in useful extensions is not a novel route of attack. For example, one bad actor snaffled up 31 WordPress plugins and placed a backdoor in all of them. For another, security researchers claimed last year that 35 Chrome extensions with over 4,000,000 installs 'include some kind of spyware or infostealer'.
GitHub's highest-impact credentials have now been rotated, and the platform says it is continuing to keep an eye out for any further unauthorised access. The platform will share a full report on the security incident in the near future.
According to Bleeping Computer, hacker group TeamPCP have since claimed responsibility for the GitHub attack via the Breached cybercrime forum. The group says it's gained access to both GitHub source code and over "4,000 repos of private code." However, the cybercriminals' motivations are not so clear cut; the alleged attackers write, "As always this is not a ransom; we do not care about extorting Github."
"One buyer and we shred the data on our end," the group continues, "It looks like our retirement is soon, so if no buyer is found we will leak it [for] free. If you are interested, send your offers to the communications below. We are not interested in under 50k—the best offer will get it."

Jess has been writing about games for over ten years, spending a significant chunk of that time working on print publications PLAY and Official PlayStation Magazine. When she’s not investigating all things hardware here, she's either constructing a passionate defence of a 7/10 game, daydreaming about her debut novel, or feeling wistful about the last time she chased some nerds around a field with an oversized foam sword.

