Cyber-criminals stole OAuth tokens for GitHub and GitLab from Waydev, a Git analytics company. The stolen tokens were then used to launch cyber-attacks on Flood.io and Dave.com. The analytics platform is widely used by organizations around the world. Waydev acknowledged that the breach had taken place earlier this month and that the attackers had stolen the tokens from its internal database.
The analytics firm offers its services to measure employee productivity through tracking software. This requires a dedicated app, which is listed on the GitLab and GitHub app marketplaces. The attackers used the stolen tokens to tamper with other organizations' codebases and gain unauthorized access to their internal source-code platforms. Waydev patched the vulnerability on the day it was detected and worked to revoke all compromised OAuth tokens.
Source: ZDNet