DevOps Articles

Curated articles, resources, tips and trends from the DevOps World.

PurpleUrchin: GitHub Actions Hijacked for Crypto Mining

2 years ago thenewstack.io
PurpleUrchin: GitHub Actions Hijacked for Crypto Mining

Summary: This is a summary of an article originally published by The New Stack. Read the full original article here →

The Sysdig Threat Research Team has uncovered an extensive crypto mining operation, PurpleUrchin, which abuses free continuous integration and deployment service accounts. It’s a new name for an old technique of abusing free service offerings.

Sysdig TRT estimates that every “free” PurpleUrchin GitHub account costs GitHub $15 per month. Free tier accounts from the other service providers are estimated to cost providers from $7 to $10 per month.

In 2020,https://attack.mitre.org/groups/G0050/ (Bismuth, OceanLotus) deployed crypto mining operations on victim networks to evade detection of their simultaneous cyberespionage campaign.

Read More
Oh Dear
Oh Dear
The all-in-one monitoring tool for your entire website
Fathom
Fathom
Fathom Analytics: A Better Google Analytics Alternative
Namecheap
Namecheap
DevOpsChat Logo Your DevOps Community
Product
Useful Links

Made with pure grit © 2024 Jetpack Labs Inc. All rights reserved. www.jetpacklabs.com