Skip to main content

Hackers could use this nasty bug to expose government websites

Approximately 332,000 websites were exposed to bad actors as a result of a vulnerability in the open-source development tool Git, according to cybersecurity researchers from Defense.com.

As reported by TechRadar, among those websites, 2,500 are associated with .gov domain in different countries, leaving various organizations at risk of online attacks and nefarious use of data.

A digital encrypted lock with data multilayers.
Digital encrypted Lock with data multilayers. Getty Images

Researchers claim that the vulnerability has come about not so much due to an issue with Git, but due to users’ not protecting their files with proper antivirus protocols. Due to the nature of open-source tools being the most basic code of any program, they can easily be tampered with if not safeguarded. In this case, hackers can get access to folders and download data from government agencies.

Recommended Videos

“Open-source technology always has the potential for security flaws, being rooted in publicly accessible code. However, this level of vulnerability is not acceptable,” Oliver Pinson-Roxburgh, CEO of Defense.com, told TechRadar.

He added that the U.K. government was among the organizations with its domains exposed that should “monitor their systems and take immediate steps to remediate risk.”

Defense.com researchers further explained that a single file within a folder can contain the data of a full codebase history, including “previous code changes, comments, security keys, as well as sensitive remote paths containing secrets and files with plain-text passwords.” Typically, users with such access might be those with credentials to fix issues rather than exploit them. Certain folders do hold login credentials and API keys, which can give unfriendly users access to even more sensitive information.

Pinson-Roxburgh noted that some organizations might leave certain folders open for their own specific purposes; however, there are still many others that might unknowingly be under threat of a data breach.

Git serves a very popular user base of over 80 million active users. It can be a reminder for organizations to update antivirus protocol, especially when it comes to open-source programs.

Recently, the cybersecurity firm Buguard reported on the brand Wiseasy, which is well-known in the Asia-Pacific region for its Android-based payment system. Its accompanying Wisecloud cloud service was hacked through employees’ computer passwords being stolen by malware and ending up on the dark web marketplace. This allowed bad players to infiltrate the brand’s database and gain access to 140,000 payment terminals globally.

Notably, the popular payment system brand lacked commonly recommended security features, such as two-factor authentication. Android is also well-known for being open source at its core.

Fionna Agomuoh
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
Hackers stole $1.5 million using credit card data bought on the dark web
A credit card is passed from one person to another.

In what sounds like a movie script, over $1 million was stolen by a group that made use of thousands of credit cards posted for sale on the dark web. Some of the details of this complex cybercrime operation have come to light following an indictment by the U.S. Department of Justice.

In the United States v. Trevor Osagie, the defendant has pled guilty to conspiracy to commit credit card fraud from 2015 to 2018. Osagie worked with a network of thieves and managed to rack up over $1.5 million in damages.

Read more
Hackers are infiltrating news websites to spread malware
A black fedora rests on top of newspapers infected with spreading green lines..

Some alarming news broke today that hundreds of U.S. news websites are unwittingly playing a big role in a new malware campaign that's disguised as a Chrome browser update. This is quite a devious attack method since it's considered an important security practice to update your browser as soon as possible.

The way hackers are delivering the malware is also clever. It’s coming via an advertising network that also supplies video content to newspaper websites across the nation. It’s difficult to identify and shut down this attack because it is applied intermittently. According to a tweet by the security research team Threat Insight, the JavaScript code is being changed back and forth from the normal harmless ad delivery script to the one that includes the hacker code that shows a false update alert.

Read more
Hackers may be hiding in plain sight on your favorite website
A depiction of a hacked computer sitting in an office full of PCs.

Security researchers have detailed how domain shadowing is becoming increasingly popular for cybercriminals.

As reported by Bleeping Computer, analysts from Palo Alto Networks (Unit 42) revealed how they came across over 12,000 such incidents over just a three-month period (April to June, 2022).

Read more