Codecov breach triggers fears of another SolarWinds-scale attack
The incident is being investigated by US federal authorities
US federal authorities are investigating a security breach suffered by software auditing company Codecov.
According to a statement put out by the San Francisco-based firm, an unscrupulous user broke through its digital defenses and modified its Bash Uploader script.
While Codecov has emailed all affected users, the nature of the changes to the script potentially puts thousands of customers at risk.
Analysis of the breach suggests the threat actor took advantage of a shortcoming in Codecov’s Docker image creation process, which allowed them to extract the credentials necessary to modify the Bash Uploader script.
Another SolarWinds?
Worryingly, it has emerged that the script was tampered with several times and the earliest unauthorized modification dates back to January 31, 2021.
According to reports, the intrusion was only detected several months later, on April 1, thanks to a customer who noticed that something was amiss.
In its statement, Codecov warns that any customers that have executed the tampered Bash Uploader script run the risk of losing their credentials, tokens, or keys stored in their continuous integration (CI) environments.
While Codecov has taken a number of steps to address the breach, the attack has triggered fears of a SolarWinds-scale supply chain attack, primarily because of how long the tampered script remained in use and the size of Codecov’s customer base.
Codecov has announced that a federal investigation into the incident is in progress.
Via Reuters
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.