What is the issue?
The GitHub account of Canonical, the company behind the Ubuntu was hacked on July 06, 2019.
The big picture
The Canonical owned account on GitHub was hacked and used to create 11 new GitHub repositories in the official Canonical account.
However, Canonical confirmed that there has been no evidence that any source code or sensitive information was impacted.
“We can confirm that on 2019-07-06 there was a Canonical owned account on GitHub whose credentials were compromised and used to create repositories and issues among other activities,” the Ubuntu security team said in a statement, ZDNet reported.
Worth noting
Two days before the incident, the cyber-security firm Bad Packets detected internet-wide scans for Git configuration files.
“Incoming scans detected from 185.234.219.239 checking for exposed dotfiles (configuration files):
/.env
/.ftpconfig
/.remote-sync.json
/.vscode/ftp-sync.json
/.vscode/sftp.json
/deployment-config.json
/ftpsync.settings
/sftp-config.json
#threatintel," Bad Packets tweeted.
Publisher