- GitHub is investigating unauthorized access to its internal repositories after a threat actor listed its source code for sale.
- The attack involved a compromised employee device infected via a poisoned Microsoft Visual Studio Code extension.
- The same threat actor compromised the official Microsoft Python package “durabletask” with malware designed to steal credentials and propagate.
- The malicious package runs automatically upon import and can spread to other cloud instances.
The notorious threat actor TeamPCP listed GitHub’s source code for sale on a cybercrime forum on Tuesday, prompting the Microsoft-owned subsidiary to investigate a breach of its internal repositories. The alleged data dump is said to include about 4,000 repositories, with an asking price of no less than $50,000, according to screenshots shared by Dark Web Informer.
GitHub said it currently has no evidence of impact to customer information stored outside its internal repositories. The company added that it will notify customers through established channels if any impact is discovered.
GitHub later detailed that it detected and contained a compromise of an employee device involving a poisoned Microsoft Visual Studio Code extension. The company has also rotated critical secrets as a mitigation measure.
The attacker’s claims of approximately 3,800 repositories are directionally consistent with the investigation so far, GitHub said. Following the incident, an X account linked to TeamPCP, xploitrsturtle2, stated: “GitHub knew for hours, they delayed telling you and they won’t be honest in the future.”
News of the sale comes as TeamPCP’s malware campaign continues to expand with the compromise of the “durabletask” PyPI package, an official Microsoft Python client. Three malicious package versions (1.4.1, 1.4.2, and 1.4.3) have been identified, according to a report by Google-owned Wiz.
The payload embedded into the package is a dropper configured to fetch a second-stage payload from an external server. That second stage is a full-featured infostealer capable of harvesting credentials from major cloud providers and developer tools.
According to SafeDep, the 28KB Python stealer attempts to read HashiCorp Vault secrets and unlock password vaults like 1Password and Bitwarden. It also accesses SSH keys, Docker credentials, VPN configurations, and shell history.
The malware propagates itself to other EC2 instances using SSM if the machine is running inside AWS, said Aikido Security. Furthermore, it uses a mechanism called FIRESCALE to identify a backup command-and-control address by searching GitHub’s public commit messages.
Because the worm propagates using tokens stolen from infected environments, the number of affected packages is expected to grow. Any machine or pipeline that installed an affected version should be treated as fully compromised.
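One first triage step for the durabletask compromise described above is checking whether any project pins one of the three versions named as malicious. The following is an added example, not code from the article or from any vendor it cites; only the version list comes from the article, and the parsing rules (requirements-style lines, `pip freeze` output, PEP 503 name normalization) are assumptions.

```python
"""Triage helper for the durabletask compromise: flags requirements-style
lines (or `pip freeze` output) that pin a release the article names as
malicious. Added example, not the article's or any vendor's code; only the
version list is from the article, the parsing rules are assumptions."""
import re
PACKAGE = "durabletask"
AFFECTED_VERSIONS = {"1.4.1", "1.4.2", "1.4.3"}  # from the article

# "name[extras]<specifier>" after markers (;) and comments (#) are trimmed
_LINE_RE = re.compile(r"^(?P<name>[A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)"
                      r"(?:\[[^\]]*\])?\s*(?P<spec>.*)$")

def _normalize(name: str) -> str:
    """PEP 503 normalization so DurableTask and durabletask compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def classify_line(line: str):
    """Return 'affected', 'review', 'clean', or None if not durabletask."""
    body = line.split("#", 1)[0].split(";", 1)[0].strip()
    if not body or body.startswith("-"):       # blank, -r, -e, --hash ...
        return None
    m = _LINE_RE.match(body)
    if not m or _normalize(m.group("name")) != PACKAGE:
        return None
    spec = m.group("spec").replace(" ", "")
    if not spec or spec.startswith("@"):
        return "review"  # unpinned or URL/path install: resolution unknown
    exact = [c.lstrip("=") for c in spec.split(",")
             if c.startswith("==") and not c.endswith("*")]
    if not exact:
        return "review"  # ranges/wildcards only: may resolve to a bad release
    return "affected" if any(v in AFFECTED_VERSIONS for v in exact) else "clean"

def scan(text: str) -> dict:
    """Group 1-based line numbers of durabletask entries by classification."""
    found = {"affected": [], "review": [], "clean": []}
    for n, line in enumerate(text.splitlines(), 1):
        status = classify_line(line)
        if status:
            found[status].append(n)
    return found

# Constructed sample input, not files recovered from the incident.
SAMPLE = """\
requests==2.32.3
durabletask==1.4.2          # pulled in by a CI job
DurableTask[azure]>=1.4,<2 ; python_version >= "3.9"
durabletask==1.4.0
-e git+https://example.invalid/repo.git#egg=durabletask
"""
```

Lines reported as "review" (ranges, wildcards, URL or editable installs) cannot be cleared from the file alone; check the resolved version in the lock file or the environment that actually ran.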
