Security News > 2021 > May > Rapid7 source code, credentials accessed in Codecov supply-chain attack
US cybersecurity firm Rapid7 has disclosed that some source code repositories were accessed in a security incident linked to the supply-chain attack that recently impacted customers of the popular Codecov code coverage tool.
Only internal credentials and tooling source code accessed.
The cybersecurity firm added that the Codecov tools compromised in last month's supply-chain attack were not used to work with production code.
A few days later, federal investigators reportedly discovered that the threat actors behind the Codecov hack automated the process of testing the stolen credentials, managing to breach the networks of hundreds of Codecov clients.
Two weeks after disclosing the breach discovered on April 1st, Codecov began notifying customers affected by the supply-chain attack, informing them that the unknown attackers might have downloaded their source code repositories.
As first reported by BleepingComputer, Codecov customer and open-source software maker HashiCorp disclosed that the code-signing GPG private key used for signing and verifying software releases was exposed in the attack.
News URL
Related news
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- Revival Hijack supply-chain attack threatens 22,000 PyPI packages (source)
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- Australian Police conducted supply chain attack on criminal collaborationware (source)
- Israel’s Pager Attacks and Supply Chain Vulnerabilities (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)