
GitHub Action supply chain attack


    Yikes… Both “tj-actions/changed-files” and “reviewdog/action-setup”, along with many other Actions in the reviewdog scope, were compromised “with a malicious payload that caused affected repositories to leak their secrets in logs”.

    the compromised reviewdog action injected malicious code into any CI workflows using it, dumping the CI runner memory containing the workflow secrets. While this is the same outcome as in the tj-actions case, the payload was distinct and did not use curl to retrieve the payload. Instead, the payload was base64 encoded and directly inserted into the install.sh file used by the workflow.

    On public repositories, the secrets would then be visible to everyone as part of the workflow logs, though obfuscated as a double-encoded base64 payload. As of now, no external exfiltration of secrets to an attacker-controlled server was observed; secrets were only observable within the affected repositories themselves.

    Two things:

    • The design of GitHub Actions, where a user is expected to depend on a random third-party GitHub repo to not be compromised, is fundamentally dodgy.

    • Even worse, if you find a “trustworthy” version of a GitHub Action and use it in your CI pipeline, it now seems that the release tags on these actions are not immutable. In this attack, older stable tags were retargeted to point at compromised versions.

    Major design flaws IMO!
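    The practical consequence of mutable tags is that `uses: owner/repo@v1` names whatever commit the tag points at today, not the commit you reviewed. A full 40-character commit SHA cannot be moved, so the usual mitigation is to pin every third-party action to a SHA and keep the tag as a comment. The script below is an added example, not code from the post or from any of the projects named above: it scans workflow text for `uses:` lines that are not SHA-pinned and rewrites them from a table of resolved SHAs. The sample workflow and every SHA in it are constructed placeholders; in practice the table would be filled from `git ls-remote --tags <repo>` after reviewing the commit each tag pointed at.

```python
"""Audit GitHub Actions workflow text for mutable action references.

Added example, not code from the original post. A tag or branch in
`uses: owner/repo@ref` is a moveable git ref; a 40-hex commit SHA is not.
The sample workflow and the SHAs below are constructed placeholders.
"""
import re
from dataclasses import dataclass

# `uses: owner/repo[/path]@ref`; the `@ref` part is absent for local actions.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"@]+)(?:@([^\s'\"]+))?")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


@dataclass
class Finding:
    line_no: int
    action: str
    ref: str
    kind: str  # "sha", "tag_or_branch", "docker" or "local"


def classify_ref(action: str, ref: str) -> str:
    """Say whether a `uses:` reference is immutable."""
    if action.startswith("./"):
        return "local"  # same repository; no remote ref to pin
    if action.startswith("docker://"):
        return "docker"  # container images should be pinned by digest instead
    if FULL_SHA_RE.match(ref):
        return "sha"
    return "tag_or_branch"  # mutable: the attack in the post moved exactly these


def audit_workflow(text: str) -> list[Finding]:
    """Return one Finding per `uses:` line in the workflow text."""
    findings = []
    for n, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if m:
            action, ref = m.group(1), m.group(2) or ""
            findings.append(Finding(n, action, ref, classify_ref(action, ref)))
    return findings


def unpinned(findings: list[Finding]) -> list[Finding]:
    """Only the references an attacker could retarget by moving a tag."""
    return [f for f in findings if f.kind == "tag_or_branch"]


def pin_workflow(text: str, resolved: dict[tuple[str, str], str]) -> str:
    """Rewrite tag/branch references to the SHA in `resolved`, keeping the tag
    as a trailing comment so humans can still read the intended version."""
    out = []
    for line in text.splitlines():
        m = USES_RE.match(line)
        if m:
            action, ref = m.group(1), m.group(2) or ""
            sha = resolved.get((action, ref))
            if sha and classify_ref(action, ref) == "tag_or_branch":
                line = line.replace(f"{action}@{ref}", f"{action}@{sha}  # {ref}", 1)
        out.append(line)
    return "\n".join(out) + "\n"


# Constructed sample workflow; the SHA on setup-node is a placeholder.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v45
      - uses: reviewdog/action-setup@v1
      - uses: ./.github/actions/local-step
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567
        with:
          node-version: 20
"""

# Constructed placeholder SHAs standing in for the output of
# `git ls-remote --tags` plus a review of each commit.
RESOLVED = {
    ("actions/checkout", "v4"): "1111111111111111111111111111111111111111",
    ("tj-actions/changed-files", "v45"): "2222222222222222222222222222222222222222",
    ("reviewdog/action-setup", "v1"): "3333333333333333333333333333333333333333",
}

if __name__ == "__main__":
    for f in unpinned(audit_workflow(SAMPLE_WORKFLOW)):
        print(f"line {f.line_no}: {f.action}@{f.ref} is not pinned to a commit SHA")
    print(pin_workflow(SAMPLE_WORKFLOW, RESOLVED))
```

    Run against the sample, the audit flags the three tag references (checkout, changed-files and action-setup) and leaves the local action and the SHA-pinned step alone; after `pin_workflow` every third-party step carries a 40-hex SHA with the original tag preserved as a comment. Pinning only helps if the SHA was reviewed before it went into the table, and it does not protect against a compromised action that was already malicious at the commit you pinned.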

    Tags: ci github security builds supply-chain attacks exploits infosec