18 January 2023

GitHub Codespaces feature can be abused to deliver malware

A legitimate feature in GitHub Codespaces can be abused to deliver malware to victim systems, a new report from Trend Micro warns.

GitHub Codespaces is a cloud-hosted development environment that can be used from the browser or from Visual Studio Code, and that lets developers and organizations customize a project's environment through dev container configuration files.

Codespaces supports port forwarding, which lets a user reach and debug a web application listening on a port inside the codespace from a browser on their local machine. A forwarded port can be shared privately within the organization or publicly: a privately shared port is accessible only to organization members who have its URL, while anyone who has the URL can reach a publicly shared port without any authentication.

Trend Micro found that publicly shared forwarded ports can be abused by threat actors to run a malware file server from a legitimate GitHub account.

“In the process, these abused environments will not be flagged as malicious or suspicious even as they serve malicious content (such as scripts, malware, and ransomware, among others), and organizations may consider these events as benign or false positives,” the researchers explained.

The researchers built a proof-of-concept (PoC) showing how a threat actor could create a codespace, expose one of its ports publicly, and use the codespace as a file server hosting malware that it first downloads from an attacker-controlled domain.

“The malicious files are downloaded inside the created codespace. Using the CLI again, we set the visibility of the exposed port to public. This essentially creates a webserver with an open directory serving the malicious files downloaded and waits for 100 seconds before deletion,” the report said.

The 100-second delay gives the attacker time to fetch the files from the URL the script returns before the codespace is removed.

“Since each created codespace has a unique identifier to it, the subdomain associated is unique as well. This gives the attacker enough ground to create different instances of open directories. Additionally, codespaces can be retained for a maximum of 30 days, which implies that attackers can use the same URL for their operations in the said duration,” Trend Micro said.
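Because the forwarded-port URL points at a GitHub-owned domain, the quote above notes that such downloads tend to pass as benign. The following detection sketch is an added example, not code from Trend Micro's report or from GitHub: it walks proxy records and flags executable-looking downloads from publicly shared Codespaces ports, and it groups the distinct codespaces each client has contacted, since one client pulling from several short-lived, uniquely named codespaces is the pattern the report describes. The host shape `<codespace-name>-<port>.app.github.dev` is an assumption taken from GitHub's documented forwarded-port URLs, the proxy log format is a constructed one, and the sample records are constructed for the example.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Assumed host shape for a publicly shared forwarded port:
# "<codespace-name>-<port>.app.github.dev". This suffix is taken from GitHub's
# documentation for forwarded-port URLs and is an assumption of this example;
# check it against what your own proxy actually records.
CODESPACE_PORT_HOST = re.compile(
    r"^(?P<name>[a-z0-9][a-z0-9-]*)-(?P<port>\d{2,5})\.app\.github\.dev$"
)

# Artefacts that a dev container's forwarded web port has little reason to
# hand to an arbitrary client on the corporate network.
SUSPECT_EXTENSIONS = (".exe", ".dll", ".scr", ".ps1", ".bat", ".sh", ".zip", ".iso")
SUSPECT_CONTENT_TYPES = {
    "application/octet-stream", "application/x-msdownload",
    "application/x-dosexec", "application/zip", "application/x-sh",
}

# Constructed proxy records in the format
# "<iso-ts> <client-ip> <method> <url> <status> <bytes> <content-type>".
SAMPLE_LOG = """\
2023-01-18T10:02:11Z 10.0.4.17 GET https://octo-dev-vscode-5gx9q2jr7w4f.github.dev/ 200 1842 text/html
2023-01-18T10:03:40Z 10.0.4.17 GET https://octo-dev-vscode-5gx9q2jr7w4f-8080.app.github.dev/ 200 912 text/html
2023-01-18T10:03:42Z 10.0.4.17 GET https://octo-dev-vscode-5gx9q2jr7w4f-8080.app.github.dev/loader.ps1 200 4096 text/plain
2023-01-18T10:03:45Z 10.0.4.17 GET https://octo-dev-vscode-5gx9q2jr7w4f-8080.app.github.dev/payload.exe 200 524288 application/octet-stream
2023-01-18T10:05:01Z 10.0.4.23 GET https://github.com/octo/app/releases 200 20311 text/html
2023-01-18T10:06:30Z 10.0.4.17 GET https://legit-team-webapp-9d3f2h1k4m5n-3000.app.github.dev/api/health 200 32 application/json
"""


def parse_proxy_line(line):
    """Parse one record of the constructed proxy format above.
    Returns None for blank or malformed lines instead of raising."""
    parts = line.split()
    if len(parts) < 7:
        return None
    ts, client, method, url, status, size, ctype = parts[:7]
    u = urlparse(url)
    return {
        "ts": ts, "client": client, "method": method,
        "host": u.hostname or "", "path": u.path or "/",
        "status": status, "bytes": int(size), "ctype": ctype.lower(),
    }


def is_codespace_port(host):
    """Return (codespace_name, port) if host is a forwarded-port URL, else None.
    The editor host "<name>.github.dev" carries no port and does not match."""
    m = CODESPACE_PORT_HOST.match(host.lower())
    return (m.group("name"), int(m.group("port"))) if m else None


def analyze(lines):
    """Report successful downloads of executable-looking content from
    publicly shared Codespaces ports, and list the distinct codespaces
    each client contacted."""
    findings = []
    codespaces_by_client = defaultdict(set)
    for line in lines:
        rec = parse_proxy_line(line)
        if rec is None:
            continue
        cs = is_codespace_port(rec["host"])
        if cs is None:
            continue
        name, port = cs
        codespaces_by_client[rec["client"]].add(name)
        if rec["status"] != "200":
            continue
        suspect = (
            rec["path"].lower().endswith(SUSPECT_EXTENSIONS)
            or rec["ctype"] in SUSPECT_CONTENT_TYPES
        )
        if suspect:
            findings.append({
                "ts": rec["ts"], "client": rec["client"],
                "codespace": name, "port": port,
                "path": rec["path"], "bytes": rec["bytes"],
            })
    return {
        "findings": findings,
        "codespaces_by_client": {k: sorted(v) for k, v in codespaces_by_client.items()},
    }


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG.splitlines())
    for f in result["findings"]:
        print(f"{f['ts']} {f['client']} pulled {f['path']} ({f['bytes']} bytes) "
              f"from codespace {f['codespace']} port {f['port']}")
    print("codespaces per client:", result["codespaces_by_client"])
```

On the constructed sample, the two downloads of `loader.ps1` and `payload.exe` from the first codespace are flagged, the health check against the second codespace is not, and the editor host without a port suffix is ignored. Because the codespace name is carried in the subdomain, a single client that keeps reaching new names within a short window is worth a second look even when the individual requests are only fetching HTML.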

For its part, GitHub said that it is aware of Trend Micro's report and plans to add a prompt asking users to confirm that they trust the owner when connecting to a codespace.

“We recommend users of GitHub Codespaces follow our guidelines to maintain security and minimize risk of their development environment,” the company said.
