Trivy Security Scanner - GitHub Actions Breached Again
In short, Trivy's GitHub Actions were hijacked to steal secrets from developers' CI/CD pipelines.
Trivy's GitHub Actions were breached, hijacking 75 tags to steal sensitive CI/CD secrets. Developers using these tools are at risk. Immediate action is needed to secure environments.
What Happened
Trivy, a widely used open-source vulnerability scanner, faced a serious breach for the second time in a month. This incident involved the hijacking of 75 version tags in its GitHub Actions repositories, specifically aquasecurity/trivy-action and aquasecurity/setup-trivy. These repositories are crucial for scanning Docker container images for vulnerabilities and setting up workflows in GitHub Actions. The attacker modified these tags to deliver a malicious payload, turning trusted references into a means for distributing an infostealer.
The attack was confirmed by security researcher Philipp Burckhardt, who noted that the malicious payload executes within GitHub Actions runners. Its goal? To extract sensitive developer secrets from CI/CD environments, including SSH keys, cloud service credentials, and even cryptocurrency wallets. This breach marks a significant escalation in supply chain attacks, raising alarms across the development community.
Who's Affected
The breach primarily impacts developers and organizations using Trivy for vulnerability scanning in their CI/CD pipelines. With GitHub Actions being a popular tool among developers, the compromise of these repositories puts numerous projects at risk. If developers had been using the hijacked tags, their sensitive information could be exposed to attackers. The incident underscores the need for heightened vigilance in managing software dependencies and third-party tools.
The previous incident involving Trivy, where a bot exploited a workflow to steal a Personal Access Token (PAT), indicates a troubling trend. The attackers seem to have leveraged compromised credentials to push malicious updates without needing to exploit Git itself. This suggests that even trusted tools can be weaponized if proper access controls are not maintained.
What Data Was Exposed
The malicious payload is designed to harvest a range of sensitive information from affected systems. It scans for environment variables and credentials stored on the system, encrypts this data, and attempts to exfiltrate it to an attacker-controlled server. Notably, it targets:
- SSH keys
- Cloud service credentials
- Database access tokens
- Docker configurations
- Kubernetes tokens
- Cryptocurrency wallets
If the exfiltration fails, the malware can use the victim's GitHub account to stage the stolen data in a public repository, further complicating detection and response efforts. This multi-layered approach to data theft highlights the sophistication of the attackers and the potential for widespread damage.
What You Should Do
If you suspect that your CI/CD environment may have been compromised, immediate action is crucial. Users should:
- Ensure they are using the latest safe releases of Trivy: 0.69.3, trivy-action 0.35.0, and setup-trivy 0.2.6.
- Treat all pipeline secrets as potentially compromised and rotate them immediately.
- Block the exfiltration domain and associated IP addresses at the network level.
- Check GitHub accounts for any repositories named tpcp-docs, which may indicate successful data exfiltration.
Moreover, developers are advised to pin GitHub Actions to full SHA hashes rather than version tags to prevent similar attacks in the future. This incident serves as a stark reminder of the vulnerabilities inherent in supply chain dependencies and the importance of robust security practices.
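As an added illustration of the pinning advice (not part of the original article), the following script audits a workflow file for `uses:` references that point at a tag or branch rather than a full commit SHA, and calls out the two repositories named above. The sample workflow and the checkout SHA are constructed placeholders; note that even the "safe" tags listed above are flagged, because any tag can be re-pointed, which is exactly what happened here.

```python
import re

# A `uses:` step reference in a GitHub Actions workflow: owner/repo[/path]@ref
USES_RE = re.compile(r"""^\s*-?\s*uses:\s*['"]?([^@\s'"]+)@([^\s'"#]+)""")
# Only a full 40-hex commit SHA is immutable; tags and branches can be re-pointed
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# The two repositories whose tags the article reports as hijacked
AFFECTED_ACTIONS = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}

def audit_workflow(text):
    """Return (action, ref, issue) for each remote action that is referenced
    by a mutable ref (tag or branch) instead of a full commit SHA."""
    findings = []
    for line in text.splitlines():
        m = USES_RE.match(line)
        if not m:
            continue  # not a `uses:` line, or a local/docker action without @ref
        action, ref = m.group(1), m.group(2)
        if FULL_SHA_RE.match(ref):
            continue  # pinned to an immutable commit; nothing to re-point
        repo = "/".join(action.split("/")[:2])
        issue = "mutable ref"
        if repo in AFFECTED_ACTIONS:
            issue = "mutable ref on action with hijacked tags"
        findings.append((action, ref, issue))
    return findings

# Constructed sample workflow (not taken from the article); the SHA is a placeholder
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: aquasecurity/setup-trivy@v0.2.6
      - name: Run Trivy
        uses: aquasecurity/trivy-action@0.35.0
        with:
          image-ref: "myorg/app:latest"
      - uses: ./.github/actions/local-step
"""

if __name__ == "__main__":
    for action, ref, issue in audit_workflow(SAMPLE_WORKFLOW):
        print(f"{action}@{ref}: {issue}")
```

A SHA pin only helps if the commit was reviewed when it was chosen; pair it with a tool such as Dependabot to bump pins deliberately rather than following tags.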
The Hacker News