News

Hackers Behind Codecov Gained Access to Monday.com Source Code

The Monday.com has recently unveiled the influence of the Codecov supply-chain attack that had affected multiple firms.

Monday.com is an online workflow management manifesto used by the project managers, sales persons and CRM professionals, marketing teams, and the various other systemized departments.

The manifesto’s consumers include eminent names like Uber, BBC Studios, Adobe applications, Universal, Hulu, L’Oreal, Coca-Cola, and Unilever.

BleepingComputer had reported last month that admired code coverage tool Codecov had been a sufferer of a supply-chain assault that lasted for two months.

In this two-month period, threat actors had changed the legitimate Codecov Bash Uploader tool to take out environment variables (containing very sensitive info such as keys, tokens, and credentials) from Codecov customer’s CI/CD environments.

Using the credentials gathered from the tinker Bash Uploader, Codecov assaulters reportedly breached hundreds of customer’s networks.

Codecov consumer Monday.com has announced recently that it was affected by the Codecov supply-chain assault.

After their inquiry into the Codecov breach, Monday.com discovered that unsanctioned actors had gotten access to a read-only copy of their source code.

Anyhow, the company states, till date, there’s no proof that the source code was tinkered by the attackers, or that any of its products are influenced.

In addition, the attacker has accessed a file containing a list of some URL’s pointing to publicly broadcasted consumer forms and views organized on our platform and we have approached the relevant consumers to inform them how to recreate these URLs, stated the company.

At this time, there is also no sign that Monday.com consumer’s data was influenced by this incident, although the firm continues to investigate.

Antecedent to the unveiling made in the SEC filing in this week, Monday.com had formerly stated that following the Codecov incident, they exfiltrated the Codecov’s access to their environment and stopped continuing the services use altogether.

By learning from this issue, we took immediate alleviation steps, including revoking Codecov access, stopped continuing our use of Codecov’s services, rotating keys for all of the monday.com’s production and development environments, and getting leading cybersecurity forensic expertise to assist with our investigation, said Monday.com’s security team blog post in last week.

Khushi

Khushi is an avid reader and loves analyzing companies in the digital space. Her interest is in online marketing, business, startups, and politics. She does everything perfectly by taking extra time.
Back to top button
Close
Close