Escalating cryptocurrency mining attacks have become a serious problem for GitHub, and the company is taking measures to curb them.
Cryptocurrency mining attacks have increased in recent months. Attackers target service providers that give away compute for free in order to mine at someone else's expense, and GitHub, whose Actions service runs CI for free on public repositories, has found itself squarely in the firing line.
GitHub changes gears
In response to these attacks, GitHub has changed how pull requests from public forks are handled in GitHub Actions to prevent abuse.
Colin Chartier, CEO of the CI platform LayerCI, explained in an article on these mining attacks that the market capitalization of cryptocurrency grew from $190 billion in January 2020 to $2 trillion in April 2021. Abusing the free tiers of platform-as-a-service providers has therefore become profitable enough that attackers pursue it as a full-time job.
Chartier further explains that attackers have abused GitHub Actions features to launch new runs every hour for the sole purpose of mining cryptocurrency, and he describes a strategy they use to reduce the chance of being detected. As a result, several providers of free-tier CI platforms, including GitLab and Travis CI, have restricted their free offerings to prevent abuse.
GitHub has therefore made two changes that make it harder for attackers to execute mining code in upstream repositories merely by submitting a pull request.
The abuse also hurt repository owners: legitimate pull requests, and even the maintainers' own accounts, could be blocked because of workflows that attackers ran against their repositories. To help affected repositories, two measures are being implemented. First, upstream repositories will no longer be held responsible for abusive workflow runs submitted by attackers.
Second, a workflow triggered by a pull request from a first-time contributor will require manual approval from a repository collaborator with write access before any GitHub Actions run. GitHub adds that it will adjust this policy in the future if it proves burdensome for maintainers.
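As an added example (not from the article, from GitHub or from LayerCI), the following Python script triages a repository's workflow-run records for the two patterns described above: a fork pull-request run by an untrusted account that runs for hours or right up to the job time limit, and an account that opens fork pull requests in rapid succession. The record fields mirror those of GitHub's workflow-runs REST API (`event`, `actor.login`, `head_repository.fork`, `run_started_at`, `updated_at`, `conclusion`), but the sample runs, the trusted-login set and the thresholds are constructed for this example; the six-hour job ceiling is GitHub's documented limit for hosted runners.

```python
"""Triage GitHub Actions workflow runs for fork-PR cryptomining abuse.

Added example. Record shape follows GitHub's "list workflow runs" API objects;
the records below are constructed sample data, not real API output.
"""
from datetime import datetime, timedelta, timezone

PR_EVENTS = ("pull_request", "pull_request_target")
LONG_RUN = timedelta(hours=1)   # assumption: legitimate CI here finishes well under 1h
MAX_JOB = timedelta(hours=6)    # GitHub-hosted job limit; miners tend to run up to it


def _ts(s):
    """Parse the API's ISO-8601 UTC timestamps."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def run_duration(run):
    return _ts(run["updated_at"]) - _ts(run["run_started_at"])


def _untrusted_fork_pr(run, trusted_logins):
    """True for PR-triggered runs from a fork by an actor we do not trust."""
    return (run["event"] in PR_EVENTS
            and run["head_repository"]["fork"]
            and run["actor"]["login"] not in trusted_logins)


def flag_run(run, trusted_logins, long_run=LONG_RUN):
    """Return the reasons a single run looks like abuse (empty list = fine)."""
    reasons = []
    if not _untrusted_fork_pr(run, trusted_logins):
        return reasons
    dur = run_duration(run)
    if dur >= long_run:
        reasons.append("long run: %s" % dur)
    # A job cancelled within minutes of the 6h ceiling was killed by the limit,
    # which is what a miner that never exits looks like.
    if run.get("conclusion") == "cancelled" and dur >= MAX_JOB - timedelta(minutes=10):
        reasons.append("ran until the job time limit")
    return reasons


def burst_actors(runs, trusted_logins, window=timedelta(hours=24), min_runs=3):
    """Untrusted actors with at least min_runs fork-PR runs started inside window."""
    starts = {}
    for run in runs:
        if _untrusted_fork_pr(run, trusted_logins):
            starts.setdefault(run["actor"]["login"], []).append(_ts(run["run_started_at"]))
    flagged = set()
    for actor, times in starts.items():
        times.sort()
        for i in range(len(times) - min_runs + 1):
            if times[i + min_runs - 1] - times[i] <= window:
                flagged.add(actor)
                break
    return flagged


def triage(runs, trusted_logins):
    """Map run id -> reasons for flagged runs, plus the set of burst actors."""
    report = {run["id"]: flag_run(run, trusted_logins)
              for run in runs if flag_run(run, trusted_logins)}
    return report, burst_actors(runs, trusted_logins)


# Constructed sample data (hypothetical logins and times).
SAMPLE_RUNS = [
    {"id": 1, "event": "push", "actor": {"login": "maintainer"},
     "head_repository": {"fork": False}, "conclusion": "success",
     "run_started_at": "2021-04-20T10:00:00Z", "updated_at": "2021-04-20T10:12:00Z"},
    {"id": 2, "event": "pull_request", "actor": {"login": "regular-contributor"},
     "head_repository": {"fork": True}, "conclusion": "success",
     "run_started_at": "2021-04-20T11:00:00Z", "updated_at": "2021-04-20T11:15:00Z"},
    {"id": 3, "event": "pull_request", "actor": {"login": "new-user-7731"},
     "head_repository": {"fork": True}, "conclusion": "cancelled",
     "run_started_at": "2021-04-20T12:00:00Z", "updated_at": "2021-04-20T17:58:00Z"},
    {"id": 4, "event": "pull_request", "actor": {"login": "new-user-7731"},
     "head_repository": {"fork": True}, "conclusion": "success",
     "run_started_at": "2021-04-20T13:05:00Z", "updated_at": "2021-04-20T14:00:00Z"},
    {"id": 5, "event": "pull_request", "actor": {"login": "new-user-7731"},
     "head_repository": {"fork": True}, "conclusion": "success",
     "run_started_at": "2021-04-20T14:10:00Z", "updated_at": "2021-04-20T15:05:00Z"},
]
TRUSTED = {"maintainer", "regular-contributor"}   # assumption: collaborators with write access

if __name__ == "__main__":
    flagged_runs, bursts = triage(SAMPLE_RUNS, TRUSTED)
    for run_id, reasons in flagged_runs.items():
        print("run %d: %s" % (run_id, "; ".join(reasons)))
    print("burst actors:", sorted(bursts))
```

The trusted-login set is the same population GitHub's new rule exempts (collaborators with write access), so the script answers the question a maintainer has before and after enabling approval: which runs would the gate have held back. Runs 4 and 5 stay under the one-hour threshold individually and are only caught by the burst check, which is why both heuristics are needed.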
This strategy may work for the time being, but Chartier believes future attacks will become more sophisticated and circumvent such measures. In his view, only the end of proof-of-work mining, that is, mining based on expensive computation, will save the free tiers of CI platforms.