GitHub Actions attack that mines cryptocurrency on GitHub's servers

GitHub is investigating a series of attacks in which attackers managed to mine cryptocurrency on GitHub's cloud infrastructure by using the GitHub Actions mechanism to run their code. The first attempts to use GitHub Actions for mining date back to November of last year.

GitHub Actions lets developers attach handlers that automate various operations on GitHub. For example, with GitHub Actions you can run specific checks and tests on each commit, or automate the processing of new Issues. To start mining, the attackers create a fork of a repository that uses GitHub Actions, add a new GitHub Actions handler to their copy, and send a pull request to the original repository proposing to replace the existing GitHub Actions handlers with the new ".github/workflows/ci.yml" handler.

The malicious pull request triggers repeated attempts to run the attacker-specified GitHub Actions handler, which is interrupted after 72 hours by a timeout, fails, and then runs again. To carry out the attack, the attacker only needs to create a pull request: the handler starts automatically, without any confirmation or involvement from the maintainers of the original repository, who can only respond to the suspicious activity and stop the GitHub Actions runs.

In the ci.yml handler added by the attackers, the "run" parameter contains obfuscated code (eval "$(echo 'YXB0IHVwZGF0ZSAt…' | base64 -d)"), which, when executed, tries to download and run the mining program. In the first variants of the attack, seen in different repositories, a program named npm.exe was uploaded to GitHub and GitLab and compiled into an ELF executable for Alpine Linux (used in Docker images). Newer forms of the attack download the code of the generic XMRig miner from the official project repository, which is then built with a substituted wallet address and servers for sending data.
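A review-time check for the pattern described above, as an added example that is not code from the original article or from GitHub: it scans workflow text for "run" steps that execute the output of a base64 decode and shows what the literal decodes to. The function name, the regular expressions and the sample workflow are assumptions made for this illustration, and the encoded payload is a constructed, harmless stand-in.

```python
import base64
import re

# A literal piped through a base64 decoder: echo '<blob>' | base64 -d
B64_PIPE = (r'''echo\s+['"]?(?P<blob>[A-Za-z0-9+/]{16,}={0,2})['"]?'''
            r'''\s*\|\s*base64\s+(?:-d|-D|--decode)\b''')
# Flag only when the decoded text is executed, not merely written out.
EXEC_PATTERNS = [
    re.compile(r'''eval\s+["']?\$\(\s*''' + B64_PIPE),       # eval "$(... | base64 -d)"
    re.compile(B64_PIPE + r'''\s*\|\s*(?:ba|da|z)?sh\b'''),  # ... | base64 -d | sh
]

def scan_workflow(text):
    """Return [(line_no, decoded_preview)] for lines that execute decoded base64."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for pattern in EXEC_PATTERNS:
            match = pattern.search(line)
            if not match:
                continue
            try:
                raw = base64.b64decode(match.group("blob"), validate=True)
                preview = raw.decode("utf-8", "replace")[:60]
            except ValueError:  # bad padding or non-alphabet characters
                preview = "<undecodable literal>"
            findings.append((line_no, preview))
            break  # one finding per line is enough for review
    return findings

# Constructed sample: a ci.yml as it might arrive in a pull request.
_PAYLOAD = base64.b64encode(b"apt update -qq  # constructed stand-in").decode()
SAMPLE = f"""name: ci
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - run: make test
      - run: eval "$(echo '{_PAYLOAD}' | base64 -d)"
"""

if __name__ == "__main__":
    for line_no, preview in scan_workflow(SAMPLE):
        print(f"ci.yml:{line_no}: executes decoded base64 -> {preview!r}")
```

The check only sees a literal and its decoder on the same line, so it complements manual review of any pull request that touches .github/workflows and does not replace it.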

Source: opennet.ru
