Security News > 2021 > April > Hundreds of customer networks hacked in Codecov supply-chain attack
In new reporting by Reuters, investigators have stated that hundreds of customer networks have been breached in the incident, expanding the scope of this system breach beyond just Codecov's systems.
As reported by BleepingComputer last week, Codecov had suffered a supply-chain attack that went undetected for over 2-months.
Hundreds of customer networks breached in Codecov incident.
Codecov's initial investigation revealed that from January 31, 2021, periodic unauthorized alterations of Bash Uploader script occurred which enabled the threat actors to potentially exfiltrate information of Codecov users stored in their CI environments.
According to federal investigators, Codecov attackers deployed automation to use the collected customer credentials to tap into hundreds of client networks, thereby expanding the scope of this system breach beyond just Codecov's systems.
Codecov customers who, at any point in time used Codecov's uploaders, are advised to reset credentials and keys that may have been exposed as a result of this attack, and to audit their systems for any signs of malicious activity.
News URL
Related news
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks (source)
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign (source)