GitHub yana binciken jerin hare-haren da maharan suka yi nasarar haƙa ma'adinan cryptocurrency akan GitHub abubuwan girgije ta amfani da tsarin GitHub Actions don gudanar da lambar su. Ƙoƙarin farko na yin amfani da Ayyukan GitHub don hakar ma'adinai tun daga watan Nuwamban bara.
Ayyukan GitHub yana ba masu haɓaka lamba damar haɗa masu sarrafawa don sarrafa ayyuka daban-daban a GitHub. Misali, ta amfani da Ayyukan GitHub za ku iya yin wasu bincike da gwaje-gwaje lokacin yin, ko sarrafa sarrafa sabbin batutuwa. Don fara hakar ma'adinai, maharan suna ƙirƙirar cokali mai yatsa na ma'ajiyar da ke amfani da Ayyukan GitHub, ƙara sabon GitHub Actions zuwa kwafin su, kuma aika buƙatun ja zuwa wurin ajiyar asali na ba da shawara don maye gurbin masu gudanar da Ayyukan GitHub na yanzu tare da sabon ".github/workflows. /ci.yml” mai kulawa.
Buƙatun ja na mugunta yana haifar da yunƙuri da yawa don gudanar da ƙayyadaddun abubuwan GitHub Actions na maharin, wanda bayan sa'o'i 72 ya katse saboda ƙarewar lokaci, ya kasa, sannan kuma ya sake gudu. Don kai hari, mai kai hari kawai yana buƙatar ƙirƙirar buƙatun ja - mai sarrafa yana gudana ta atomatik ba tare da wani tabbaci ko sa hannu daga masu kula da ma'ajin na asali ba, waɗanda kawai za su iya maye gurbin ayyukan da ake tuhuma kawai kuma su daina gudanar da Ayyukan GitHub.
A cikin ci.yml handler da maharan suka ƙara, sigar “gudu” ta ƙunshi lambar ɓoye (eval “$(echo 'YXB0IHVwZGF0ZSAt…' | base64 -d”), wanda, lokacin da aka kashe shi, yana ƙoƙarin saukewa da gudanar da shirin hakar ma'adinai. A cikin bambance-bambancen farko na harin daga ma'ajiyar daban-daban An ɗora shirin da ake kira npm.exe zuwa GitHub da GitLab kuma an haɗa su cikin fayil ɗin ELF mai aiwatarwa don Alpine Linux (amfani da hotuna na Docker.) Sabbin nau'ikan harin zazzage lambar XMRig. mai hakar ma'adinai daga ma'ajin aikin hukuma, wanda aka gina shi tare da walat ɗin musanyar adireshi da sabar don aika bayanai.
source: budenet.ru