GitHub Attack Vector Cracks Open Google, Microsoft, AWS Projects

Researchers have uncovered an attack vector that affected GitHub open source projects owned by Google, Microsoft, Amazon Web Services, and others, executed by abusing artifacts generated as part of software-development workflows.

Researchers at Palo Alto Networks' Unit 42 discovered the attack, which was effective against "high-profile open source projects owned by the biggest companies in the world," according to a blog post published by lead researcher Yaron Avital yesterday. Compromise of those projects, then, "could have led to a potential impact on millions of their consumers."

Other companies whose projects were affected by the attack vector, which abuses what are called GitHub Actions artifacts, include Canonical (Ubuntu), the OWASP Foundation, and Red Hat, among others. The vector causes the artifacts to leak tokens of both third-party cloud services as well as GitHub tokens, making them available for anyone with "read access" to the repository to consume, Avital wrote.

"This allows malicious actors with access to these artifacts the potential of compromising the services to which these secrets grant access," he explained. The most common leakage found in the activity was the leakage of GitHub tokens, "allowing an attacker to act against the triggering GitHub repository," Avital added.

The exposure ultimately could have allowed attackers to push malicious code to production through the continuous integration and continuous delivery/deployment (CI/CD) pipeline, or to access secrets stored in the GitHub repository and organization, he explained.

Unit 42 worked with all of the companies and maintainers of the projects affected and "received great support from all teams" so that all of the discoveries were mitgated "quickly and efficiently," Avital wrote. However, other unknown private and public projects could also be subject to the attack.

Poisoning the Development Cycle

CI/CD environments, processes, and systems are a key part of modern software development in the flow of building, testing, and delivering code to production. That said, they offer a prime opportunity for attackers, since they use highly sensitive credentials to authenticate against various types of services, "creating a significant challenge to keep a high level of credential hygiene," Avital wrote.

The attack discovered centers on GitHub Actions, which are workflow build artifacts that allow developers to persist and share data across jobs within the same workflow. "These artifacts can be any files generated during your build process, such as compiled code, test reports, or deployment packages," Avital explained.

Artifacts ensure that critical data isn't lost after a workflow finishes, making it accessible for later analysis or deployment. This is "particularly useful for sharing test results or deployment packages between dependent jobs," Avital noted.

GitHub Actions workflows frequently use secrets to interact with various cloud services and with GitHub itself. These secrets in turn include the ephemeral, automatically-created GitHub token used to perform actions against the repository.

"The Actions build artifacts are outputs generated by the execution of workflows, and once created, they're stored for up to 90 days," Avital explained. "In open-source projects, these artifacts are publicly available for anyone to consume."

The attack flow he discovered allows attackers to download the publicly available artifact, extract the token, and push malicious code to the repository of an open source project. The code then becomes part of the project and thus could be executed as part of a software or service that end users ultimately access.

Unit 42's post included a list GitHub open source projects known to have been affected by the attack vector.

A Holistic Defense Approach Required

GitHub has become a major target for threat actors, because of its attractiveness as a way to access myriad software and services by poisoning just a few lines of code in repositories.

The new attack vector demonstrates that "we have a gap in the current security conversation regarding artifact scanning" on GitHub, Avital wrote, which means that organizations using the artifacts mechanism should "reevaluate the way they use it."

He also recommended that defenders adopt a holistic approach to software development and scrutinize every stage of it (from code to production) for potential vulnerabilities. "Overlooked elements like build artifacts often become prime targets for attackers," Avital wrote.

Organizations should also reduce workflow permissions of runner tokens according to least privilege, and review artifact creation in their CI/CD pipelines as part of a proactive and vigilant approach to security to strengthen the security posture of development projects, he noted.