According to Checkmarx, hackers may have created malicious repositories using the accounts’ new names and launched software supply chain attacks by taking advantage of the renaming of well-known GitHub accounts.
The repo-jacking technique entails diverting traffic from a renamed repository to an attacker-controlled malicious repository by circumventing GitHub’s redirection system. When a repository is cloned, the full repository URL, which is unique to each GitHub repository under the user account that created it, is used.
When a user updates the username associated with their GitHub account, the URL is also updated by substituting the new username for the old one.
Read More: GitHub Account Renaming Could Have Led to Supply Chain Attacks
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.