Security News > 2023 > January > GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom
GitHub on Monday disclosed that unknown threat actors managed to exfiltrate encrypted code signing certificates pertaining to some versions of GitHub Desktop for Mac and Atom apps.
The Microsoft-owned subsidiary said it detected unauthorized access to a set of deprecated repositories used in the planning and development of GitHub Desktop and Atom on December 7, 2022.
"Several encrypted code signing certificates were stored in these repositories for use via Actions in our GitHub Desktop and Atom release workflows," GitHub's Alexis Wales said.
It's worth pointing out that a successful decryption of the certificates could permit an adversary to sign trojanized applications with these certificates and pass them off as originating from GitHub.
The three compromised certificates - two Digicert code signing certificates used for Windows and one Apple Developer ID certificate - are set for revocation on February 2, 2023.
The code hosting platform also said it released a new version of the Desktop app on January 4, 2023, that's signed with new certificates that were not exposed to the threat actor.
News URL
https://thehackernews.com/2023/01/github-breach-hackers-stole-code.html
Related news
- Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer (source)
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems (source)
- Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others (source)
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Finland confirms APT31 hackers behind 2021 parliament breach (source)
- U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers (source)
- Acuity confirms hackers stole non-sensitive govt data from GitHub repos (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)