Researchers have discovered potential security issues associated with the recently launched GitHub Codespaces, which could allow attackers to abuse the platform for malware delivery. GitHub Codespaces, which provides cloud-based development environments, was released in May 2020. According to researchers from Check Point, attackers could shadow a specific GitHub repository and use it to deliver malware. The attackers can also track a user’s activity in the repository and make changes to the code accordingly. To carry out the attack, an attacker will embed an executable within the repository, which will later be used to download a malicious payload. The user, unaware of the malicious code, will then unknowingly execute the code to download and install the malware. The malicious payload is then installed on the user’s machine, allowing the attacker to gain access to the user’s system. The issue was reported to GitHub and further changes were implemented to protect users from potential attacks. They also provided advice for developers on how to protect their applications. In order to protect yourself from such malicious attacks, it is important to ensure that any additions or changes made to the repository are verified and that the user’s machines are updated to the latest version of the application. Additionally, users should be careful when downloading any applications from the repository and make sure to verify the source.
This Cyber News was published on www.securityweek.com. Publication date: Sun, 22 Jan 2023 10:48:00 +0000