• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
github breach: hackers stole code signing certificates for github desktop and

GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom

You are here: Home / General Cyber Security News / GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom
January 31, 2023

GitHub on Monday disclosed that not known menace actors managed to exfiltrate encrypted code signing certificates pertaining to some variations of GitHub Desktop for Mac and Atom apps.

As a end result, the organization is taking the move of revoking the exposed certificates out of abundance of caution. The subsequent versions of GitHub Desktop for Mac have been invalidated: 3..2, 3..3, 3..4, 3..5, 3..6, 3..7, 3..8, 3.1., 3.1.1, and 3.1.2.

Variations 1.63. and 1.63.1 of 1.63. of Atom are also envisioned to end operating as of February 2, 2023, necessitating that users downgrade to a earlier model (1.60.) of Atom. GitHub Desktop for Windows is not influenced.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The Microsoft-owned subsidiary mentioned it detected unauthorized obtain to a set of deprecated repositories utilised in the arranging and improvement of GitHub Desktop and Atom on December 7, 2022.

The repositories are explained to have been cloned a day just before by a compromised personal obtain token (PAT) affiliated with a machine account. None of the repositories contained shopper data, and the compromised credentials have considering the fact that been revoked. GitHub did not disclose how the token was breached.

“Numerous encrypted code signing certificates ended up saved in these repositories for use via Actions in our GitHub Desktop and Atom launch workflows,” GitHub’s Alexis Wales reported. “We have no proof that the danger actor was in a position to decrypt or use these certificates.”

It can be well worth pointing out that a successful decryption of the certificates could permit an adversary to signal trojanized apps with these certificates and go them off as originating from GitHub.

The 3 compromised certificates – two Digicert code signing certificates applied for Windows and 1 Apple Developer ID certificate – are established for revocation on February 2, 2023.

The code hosting platform also mentioned it launched a new model of the Desktop app on January 4, 2023, which is signed with new certificates that have been not exposed to the menace actor. It further more emphasised that no unauthorized modifications were created to the code in these repositories.

Uncovered this posting attention-grabbing? Observe us on Twitter  and LinkedIn to read through additional distinctive material we submit.


Some elements of this write-up are sourced from:
thehackernews.com

Previous Post: «Cyber Security News JD Sports Confirms Breach Affected 10 Million Customers
Next Post: QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates qnap fixes critical vulnerability in nas devices with latest security»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack
  • Pompompurin Unmasked: Infamous BreachForums Mastermind Arrested in New York
  • LockBit 3.0 Ransomware: Inside the Cyberthreat That’s Costing Millions
  • FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps
  • Telegram, WhatsApp Trojanized to Target Cryptocurrency Wallets
  • Pro-Russian Winter Vivern APT Targets Governments and Telecom Firm
  • Google Exposes 18 Zero-Day Flaws in Samsung Exynos Chips
  • Free decryptor released for Conti ransomware variant infecting hundreds of organisations
  • Bitwarden to release fix for four-year-old vulnerability
  • THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter

Copyright © TheCyberSecurity.News, All Rights Reserved.