
In yet another software supply chain attack, threat actors compromised the popular GitHub Action actions-cool/issues-helper, executing malicious code that harvested sensitive credentials from the CI/CD pipelines running it and sent them to attacker-controlled servers.
“All existing tags in the repository were moved to point to the impostor commit, which does not appear in the action’s normal commit history,” said Varun Sharma, a researcher at StepSecurity. “That commit contains malicious code that extracts credentials from the CI/CD pipeline that performs the action.”
Impostor commits are a deceptive software supply chain attack technique that injects malicious code into a project by referencing commits or tags that exist only in an adversary-controlled fork rather than in the original trusted repository. Because the reference looks like it belongs to the trusted project, an attacker can bypass standard pull request (PR) reviews and execute arbitrary code.
According to the cybersecurity firm, the impostor commit contains code that performs a series of actions when executed on the GitHub Actions runner.
It downloads the Bun JavaScript runtime to the runner, reads memory from the Runner.Worker process to extract credentials, and makes outbound HTTPS calls to an attacker-controlled domain (tm-kosche[.]com) to send the stolen data.
According to StepSecurity, 15 tags of a second GitHub Action, actions-cool/maintain-one-comment, were also compromised in the same way.
GitHub subsequently disabled access to the repository for “violation of GitHub’s Terms of Service.” It is currently unclear why the Microsoft-owned subsidiary came to this decision.
Interestingly, the exfiltration domain tm-kosche[.]com has also been observed in the latest wave of Mini Shai-Hulud campaigns targeting npm packages in the @antv ecosystem, indicating that the two clusters of activity may be related.
“Every tag now resolves to a malicious commit, so any workflow that references an action by version will pull the malicious code the next time it runs,” StepSecurity said. “Only workflows that are pinned to a healthy full-commit SHA are not affected.”
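The mitigation StepSecurity describes is pinning every action to a full commit SHA rather than a tag. The script below is an added example, not code from the article or from StepSecurity, that audits a workflow file's `uses:` lines and flags any action not pinned to a 40-character commit SHA; the sample workflow and the placeholder SHA in it are constructed, and the list of affected actions is taken from the two repositories named in the article.

```python
import re

# The two actions the article reports as compromised.
AFFECTED_ACTIONS = {"actions-cool/issues-helper", "actions-cool/maintain-one-comment"}

USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)['\"]?")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

def classify_ref(ref):
    """'sha' for a full 40-hex commit, 'mutable' for a tag or branch, 'none' if no ref at all."""
    if ref is None:
        return "none"
    return "sha" if FULL_SHA_RE.match(ref) else "mutable"

def audit_workflow(text):
    """Scan `uses:` lines; return (line_no, action, ref, kind, reported_affected) tuples."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        spec = m.group(1)
        if spec.startswith("./") or spec.startswith("docker://"):
            continue  # local and container actions are outside this check
        action, _, ref = spec.partition("@")
        ref = ref or None
        # owner/repo/subdir -> owner/repo so the affected-list lookup matches
        repo = "/".join(action.split("/")[:2])
        findings.append((n, action, ref, classify_ref(ref), repo in AFFECTED_ACTIONS))
    return findings

def risky(findings):
    """Entries that pull whatever the tag or branch resolves to on the next run."""
    return [f for f in findings if f[3] != "sha"]

# Constructed sample workflow; the 40-hex value is a placeholder, not a real commit.
SAMPLE = """\
name: triage
on: [issues]
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: actions-cool/issues-helper@v3
      - uses: actions-cool/maintain-one-comment@main
      - uses: ./.github/actions/local
"""

if __name__ == "__main__":
    for n, action, ref, kind, affected in risky(audit_workflow(SAMPLE)):
        flag = " (reported compromised)" if affected else ""
        print(f"line {n}: {action}@{ref} is pinned by {kind} ref{flag}")
```

Run it against each workflow under .github/workflows to find tag-pinned references; replacing each with the full SHA of a commit that appears in the upstream repository's history removes the exposure the article describes.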
