Unknown hackers have stolen OAuth tokens of GitHub and GitLab, from Waydev, Dave.com, and Flood.io to gain unauthorized access to their customersโ€™ codebases. GitHub has warned few users of malicious access to their source codes via stolen OAuth tokens.

Hackers Gain Unauthorised Access to Customer Source Codes

Companies and developers store their hard-worked codes in private repositories of GitHub or GitLab, to continue developing later or share with only a few authorized users. But with an OAuth token, anyone can access their private repositories.

OAuth token is an open standard token used by third-party services to share access of oneโ€™s data to others. Here, if the OAuth tokens generated by GitHub and GitLab are shared with someone, theyโ€™re allowed to view and modify the data presented in that specific account. Waydev, an analytics firm that tracks the output of a software engineer by analyzing his Git-based codebases, was breached earlier this month!

The breach occurred on July 3rd led hackers to steal the OAuth tokens, which Waydev received from GitHub and GitLab via the usersโ€™ permission. These tokens later used by hackers to gain access to their affected usersโ€™ (customers) GitHub repositories, which contained sensitive private work.

Waydevโ€™s co-founder and CEO, Alex Circei, told ZDNet as hackers have exploited a blind SQL injection vulnerability in Waydev, which gave them access to their database where the company stores all of its customersโ€™ OAuth tokens. The company has then patched this hole, revoked access to accounts, and informed relevant US authorities. Further, the company has also taken measures like;

  • ย Monitoring all the activity,
  • Reported the incident to authorities,
  • Manual access โ€“ It is now impossible to create an account without approval from our
  • security team, and
  • Tokens are resetting two times a day.

LEAVE A REPLY

Please enter your comment!
Please enter your name here