PurpleUrchin: GitHub Actions Hijacked for Crypto Mining

Source: thenewstack.io

PurpleUrchin: GitHub Actions Hijacked for Crypto Mining
The Sysdig Threat Research Team has uncovered an extensive crypto mining operation, PurpleUrchin, which abuses free continuous integration and deployment service accounts. It’s a new name for an old technique of abusing free service offerings.

Sysdig TRT estimates that every “free” PurpleUrchin GitHub account costs GitHub $15 per month. Free tier accounts from the other service providers are estimated to cost providers from $7 to $10 per month.

In 2020,https://attack.mitre.org/groups/G0050/ (Bismuth, OceanLotus) deployed crypto mining operations on victim networks to evade detection of their simultaneous cyberespionage campaign.
Read Full Article On thenewstack.io
Achieve superior email deliverability with ToastMail! Our AI-driven tool warms up inboxes, monitors reputation, and ensures emails reach their intended destination. Sign up today for a spam-free future.

Related Articles

Community Partners
CrowdSec
Autonomous.ai | Best Standing Desks & Ergonomic Office Chairs

Namecheap

Scala Hosting

Become a Partner?
DevOps Careers
    • Add a Job?