Security News > 2021 > April > GitHub Actions being actively abused to mine cryptocurrency on GitHub servers

GitHub Actions being actively abused to mine cryptocurrency on GitHub servers
2021-04-03 09:49

GitHub Actions is currently being abused by attackers to mine cryptocurrency on GitHub's servers in an automated attack.

This week, according to a Dutch security engineer Justin Perdok, attackers have targeted GitHub repositories that use GitHub Actions to mine cryptocurrency.

As soon as a Pull Request is created for the original project, GitHub's systems would execute the attacker's code which instructs GitHub servers to retrieve and run a crypto miner.

After publishing this article, BleepingComputer came across more copycat attacks currently happening, in which suspicious Pull Requests are being filed, targeting projects that use GitHub Actions.

This isn't the first time an attack leveraging GitHub infrastructure has abused GitHub Actions.

Last year, BleepingComputer also reported on GitHub being abused to host a wormable botnet Gitpaste-12 which returned the following month with over 30 exploits.


News URL

https://www.bleepingcomputer.com/news/security/github-actions-being-actively-abused-to-mine-cryptocurrency-on-github-servers/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Github 12 3 42 30 15 90