Codecov hack aftermath: hundreds breached, many more to follow

Photo by JJ Ying on Unsplash

On April 1st software testing firm, Codecov became aware of a security incident.

The company learned, that for over two months, Codecov’s Bash Uploader scripts used by hundreds or thousands of their customers had been altered with a malicious line of code that exfiltrated information in the environment variables present on the users’ CI/CD environments to an attacker’s IP address.

Bash Uploader exfiltrated environment variables to attacker’s IP address (BleepingComputer)

The flaw originated due to an error in the Docker image creation process, which, according to Codecov, “allowed the actor to extract the credential required to modify our Bash Uploader script.”

Codecov provides code coverage, testing, and stats to over 29,000 companies, and even has a handy GitHub app to integrate the tool right within your open-source software project.

As such, the security advisory released by Codecov strongly advised users to reset all of their credentials, tokens, or keys that were present in the environment variables in their CI processes that used Codecov uploaders.

Continue reading on Security Report for free.

The original post has been moved to Security Report due to multiple concerns about Medium expressed by many users [1, 2, 3].

--

--

--

Security Researcher | Tech Columnist | https://hey.ax

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

BECOME A CRYPTO AND DEFI MASTER BY JOINING OUR FREE WEBINAR! PrivacySwap free defi class.

What is Zero Trust Architecture? | Hyper Vigilance

What is hCaptcha?

{UPDATE} Master of Combo Fight Championship 2018 Hack Free Resources Generator

{UPDATE} Unknown planet Hack Free Resources Generator

{UPDATE} Surfing Flow Stunt Master ! Hack Free Resources Generator

Cybercriminals are using CAPTCHA tests to break into enterprise Office 365 accounts

ZenTask — The Platform Web3 Needs

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ax Sharma

Ax Sharma

Security Researcher | Tech Columnist | https://hey.ax

More from Medium

Bite-Sized Deliveries for the Sims 4 and 11/30 patch update

How to Design and Build A Low Power Consumption Face Tracking Video Camera

Virtual Fieldwork

leonardo da vinci virtual museum screenshot; flying machine

Perilous Wilde Post-Mortem