1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • GitHub is being hijacked by hackers, and it isn't going to be fix

    From TechnologyDaily@1337:1/100 to All on Fri Jan 12 15:30:05 2024
    GitHub is being hijacked by hackers, and it isn't going to be fixed any time soon

    Date:
    Fri, 12 Jan 2024 15:20:37 +0000

    Description:
    Hackers and professionals both agree that GitHub is an excellent tool for storing and sharing codes and files

    FULL STORY ======================================================================

    Cybercriminals are using GitHub to host and distribute malicious files and redirect traffic to phishing scams, experts have warned.

    While GitHub has become an industry standard tool for code and file sharing , it is increasingly being used by threat actors as a key part of their
    criminal infrastructure.

    The code-hosting site is also being used in an adapted tactic of living-off-the-land (LotL). An infection without a cure?

    Threat actors have been using the sites file and code sharing capabilities to deploy its payloads inside legitimate network traffic in what Recorded Future has coined as living-off-trusted-sites (LOTS) in a report on how threat
    actors are utilizing GitHub.

    The main avenue of GitHub abuse surrounds payload delivery, with dead drop resolving (DDR) and command-and-control (C2) also seeing widespread use on
    the site.

    DDR involves the use of a legitimate service being used by cybercriminals to store information relating to their own malicious domains, which infect users and directs them to other infrastructure used by threat actors.

    GitHub is also being used by threat actors to hide or disguise their C2 networks, allowing their traffic to blend in with legitimate traffic making
    it very difficult to trace or observe.

    Recorded Future said in the report that, The "living-off-trusted-sites"
    (LOTS) approach is highlighted as a growing trend among APTs, with less-sophisticated groups expected to follow suit.

    As attacks are anticipated to increase, the text emphasizes that legitimate internet services (LIS) will pose a new third-party risk vector for
    customers. Mitigation strategies are expected to require advanced detection methods, comprehensive visibility, and diverse detection angles.

    The report states that there is no current solution to resolve GitHub abuse
    by threat actors, however it is expected that the responsibility for
    detecting the abuse of GitHub hosting may gradually move towards LIS who have greater visibility over who is using their services and what they are doing.

    Via TheHackerNews More from TechRadar Pro Take a look at our guide to the best cloud hosting providers Web hosting company fined for misleading customers at checkout Ivanti warns Connect Secure zero-days exploited by hackers






    ======================================================================
    Link to news story: https://www.techradar.com/pro/github-is-being-hijacked-by-hackers-and-it-isnt- going-to-be-fixed-any-time-soon


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)