ESET experts reported that an extraordinary attack on the supply chain was carried out by…
The attacker's entry point was a mistake the developers made when building the Codecov Docker image, which allowed the attacker to extract the credentials needed to modify the Bash Uploader script.
To make matters worse, Codecov is used by more than 29,000 customers, including well-known companies such as GoDaddy, Atlassian, The Washington Post, and Procter & Gamble (P&G). According to the US federal authorities, which immediately began investigating the incident, attackers used stolen customer credentials to access hundreds of networks.
Rapid7 is known to have been affected by this supply chain attack, as its representatives reported that attackers gained access to the company's source code. Software developers from HashiCorp, the cloud provider Confluent, the voice call service Twilio and many others also reported being compromised.
As the Codecov developers now write, they are scrapping the development of the Bash Uploader, and it will be replaced by a new tool written in Node.js. The new uploader is already available in beta as a static executable binary that currently supports Windows, Linux, Alpine Linux and macOS.
Starting November 1, 2021, the company will be performing “random unplanned outages” of the Bash Uploader, intentionally making it unavailable, and phasing it out entirely by February 2022.
Bleeping Computer notes that the company's blog states that the compiled binary of the new uploader "makes it harder for an intermediary to modify the code" and provides increased security compared to the Bash Uploader.
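Whether the uploader ships as a script or a compiled binary, a CI job that fetches it from the network should pin the expected digest and refuse to execute anything that does not match. The following is an added example, not Codecov's own code or tooling: a small POSIX shell wrapper that computes a SHA-256 digest, compares it with a pinned value, and only then runs the file. The file names and the pinned digest in the demo are constructed for illustration; in a real pipeline the digest would be stored in the repository and updated deliberately on each uploader release.

```shell
#!/bin/sh
# Added example (not Codecov's code): execute a downloaded CI uploader only
# after its SHA-256 digest matches a value pinned in the repository.

# compute_sha256 FILE -> prints the hex SHA-256 digest of FILE
# (falls back to shasum on systems without coreutils sha256sum, e.g. macOS)
compute_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_uploader FILE EXPECTED_DIGEST
# returns 0 when the digest matches, 1 otherwise; never executes FILE
verify_uploader() {
    file="$1"
    expected="$2"
    actual=$(compute_sha256 "$file")
    if [ "$actual" != "$expected" ]; then
        echo "integrity check failed for $file" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        return 1
    fi
    return 0
}

# run_verified FILE EXPECTED_DIGEST [ARGS...]
# runs FILE with sh only after verify_uploader succeeds
run_verified() {
    file="$1"
    expected="$2"
    shift 2
    verify_uploader "$file" "$expected" || return 1
    sh "$file" "$@"
}

# Demo with a constructed stand-in for the uploader script.
demo() {
    tmp=$(mktemp)
    printf 'echo "uploading coverage report"\n' > "$tmp"
    pinned=$(compute_sha256 "$tmp")          # in practice: read from the repo
    run_verified "$tmp" "$pinned"            # digest matches: script runs
    printf 'echo "unexpected extra command"\n' >> "$tmp"  # simulate modification in transit
    run_verified "$tmp" "$pinned" || echo "refused to run modified script"
    rm -f "$tmp"
}

demo
```

The important design point is that the digest check and the execution are in one function, so there is no window in which a job can "forget" the check; the pinned value changes only through a reviewed commit, which is exactly the step that a tampered copy served from the vendor's endpoint would have to bypass.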