Security News > 2023 > January > GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom
GitHub on Monday disclosed that unknown threat actors managed to exfiltrate encrypted code signing certificates pertaining to some versions of GitHub Desktop for Mac and Atom apps.
The Microsoft-owned subsidiary said it detected unauthorized access to a set of deprecated repositories used in the planning and development of GitHub Desktop and Atom on December 7, 2022.
"Several encrypted code signing certificates were stored in these repositories for use via Actions in our GitHub Desktop and Atom release workflows," GitHub's Alexis Wales said.
It's worth pointing out that a successful decryption of the certificates could permit an adversary to sign trojanized applications with these certificates and pass them off as originating from GitHub.
The three compromised certificates - two Digicert code signing certificates used for Windows and one Apple Developer ID certificate - are set for revocation on February 2, 2023.
The code hosting platform also said it released a new version of the Desktop app on January 4, 2023, that's signed with new certificates that were not exposed to the threat actor.
News URL
https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html
Related news
- Dell investigates data breach claims after hacker leaks employee info (source)
- Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Schneider Electric confirms dev platform breach after hacker steals data (source)
- Nokia investigates breach after hacker claims to steal source code (source)