• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
github breach: hackers stole code signing certificates for github desktop and

GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom

You are here: Home / General Cyber Security News / GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom
January 31, 2023

GitHub on Monday disclosed that not known menace actors managed to exfiltrate encrypted code signing certificates pertaining to some variations of GitHub Desktop for Mac and Atom apps.

As a end result, the organization is taking the move of revoking the exposed certificates out of abundance of caution. The subsequent versions of GitHub Desktop for Mac have been invalidated: 3..2, 3..3, 3..4, 3..5, 3..6, 3..7, 3..8, 3.1., 3.1.1, and 3.1.2.

Variations 1.63. and 1.63.1 of 1.63. of Atom are also envisioned to end operating as of February 2, 2023, necessitating that users downgrade to a earlier model (1.60.) of Atom. GitHub Desktop for Windows is not influenced.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The Microsoft-owned subsidiary mentioned it detected unauthorized obtain to a set of deprecated repositories utilised in the arranging and improvement of GitHub Desktop and Atom on December 7, 2022.

The repositories are explained to have been cloned a day just before by a compromised personal obtain token (PAT) affiliated with a machine account. None of the repositories contained shopper data, and the compromised credentials have considering the fact that been revoked. GitHub did not disclose how the token was breached.

“Numerous encrypted code signing certificates ended up saved in these repositories for use via Actions in our GitHub Desktop and Atom launch workflows,” GitHub’s Alexis Wales reported. “We have no proof that the danger actor was in a position to decrypt or use these certificates.”

It can be well worth pointing out that a successful decryption of the certificates could permit an adversary to signal trojanized apps with these certificates and go them off as originating from GitHub.

The 3 compromised certificates – two Digicert code signing certificates applied for Windows and 1 Apple Developer ID certificate – are established for revocation on February 2, 2023.

The code hosting platform also mentioned it launched a new model of the Desktop app on January 4, 2023, which is signed with new certificates that have been not exposed to the menace actor. It further more emphasised that no unauthorized modifications were created to the code in these repositories.

Uncovered this posting attention-grabbing? Observe us on Twitter  and LinkedIn to read through additional distinctive material we submit.


Some elements of this write-up are sourced from:
thehackernews.com

Previous Post: «Cyber Security News JD Sports Confirms Breach Affected 10 Million Customers
Next Post: QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates qnap fixes critical vulnerability in nas devices with latest security»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
  • Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
  • Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
  • Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
  • WhatsApp’s New Secret Code Feature Lets Users Protect Private Chats with Password
  • U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign Agents
  • Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
  • Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
  • Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
  • North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

Copyright © TheCyberSecurity.News, All Rights Reserved.