Approximately 332,000 websites were exposed to bad actors as a result of a vulnerability in the open-source development tool Git, according to cybersecurity researchers from Defense.com.
As reported by TechRadar, among those websites, 2,500 are associated with .gov domain in different countries, leaving various organizations at risk of online attacks and nefarious use of data.
Researchers claim that the vulnerability has come about not so much due to an issue with Git, but due to users’ not protecting their files with proper antivirus protocols. Due to the nature of open-source tools being the most basic code of any program, they can easily be tampered with if not safeguarded. In this case, hackers can get access to folders and download data from government agencies.
“Open-source technology always has the potential for security flaws, being rooted in publicly accessible code. However, this level of vulnerability is not acceptable,” Oliver Pinson-Roxburgh, CEO of Defense.com, told TechRadar.
He added that the U.K. government was among the organizations with its domains exposed that should “monitor their systems and take immediate steps to remediate risk.”
Defense.com researchers further explained that a single file within a folder can contain the data of a full codebase history, including “previous code changes, comments, security keys, as well as sensitive remote paths containing secrets and files with plain-text passwords.” Typically, users with such access might be those with credentials to fix issues rather than exploit them. Certain folders do hold login credentials and API keys, which can give unfriendly users access to even more sensitive information.
Pinson-Roxburgh noted that some organizations might leave certain folders open for their own specific purposes; however, there are still many others that might unknowingly be under threat of a data breach.
Git serves a very popular user base of over 80 million active users. It can be a reminder for organizations to update antivirus protocol, especially when it comes to open-source programs.
Recently, the cybersecurity firm Buguard reported on the brand Wiseasy, which is well-known in the Asia-Pacific region for its Android-based payment system. Its accompanying Wisecloud cloud service was hacked through employees’ computer passwords being stolen by malware and ending up on the dark web marketplace. This allowed bad players to infiltrate the brand’s database and gain access to 140,000 payment terminals globally.
Notably, the popular payment system brand lacked commonly recommended security features, such as two-factor authentication. Android is also well-known for being open source at its core.