Bats Wiki was defaced (and restored) #751
martin-schulze-vireso announced in Announcements
What happened?
On the 15th and 16th of July, two accounts removed all pages from the Bats wiki and inserted unwanted content. After we were notified about this on the 18th of July, the original state was restored.
How did this happen?
Currently, the Wiki is publicly editable. This means anyone with a GitHub account can change its contents.
This is the default and has worked well so far. It is especially useful for the page Projects using Bats.
Other artifacts have been checked for manipulation, but no indicators of compromise could be found on the releases or Docker images. Together with the fact that no special privileges are needed to edit the Wiki, a credential leak seems unlikely.
How did we notice?
Thanks to @senz for notifying us about this.
What corrective actions have been taken?
The original state has been restored from the Wiki's git history and no data has been lost.
The offending users have been reported to GitHub.
How can this be prevented in the future?
From now on, the Wiki's RSS Feed will be monitored for changes.
If this becomes a recurring problem, write access will be restricted to contributors.
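One way to automate the feed monitoring mentioned above, as an added example that is not the Bats project's own tooling: it parses an Atom feed of wiki edits and flags editors outside a known list as well as any editor who changes many pages in a short window, which is the pattern seen in this incident. The feed content, account names, `known_editors` list, and the burst threshold and window are all constructed assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict
from datetime import datetime, timedelta

NS = {"a": "http://www.w3.org/2005/Atom"}

def _entry(title, when, who):
    return ("<entry><title>%s</title><updated>%s</updated>"
            "<author><name>%s</name></author></entry>" % (title, when, who))

# Constructed sample feed (not real wiki data), using standard Atom elements.
SAMPLE_FEED = '<feed xmlns="http://www.w3.org/2005/Atom">' + "".join([
    _entry("Home", "2024-01-10T10:00:00Z", "example-user-1"),
    _entry("Page A", "2024-01-10T10:02:00Z", "example-user-1"),
    _entry("Page B", "2024-01-10T10:05:00Z", "example-user-1"),
    _entry("Projects using Bats", "2024-01-11T09:00:00Z", "example-user-2"),
    _entry("Home", "2024-01-12T08:00:00Z", "maintainer-a"),
]) + "</feed>"

def parse_entries(feed_xml):
    """Return (author, title, updated) tuples from an Atom feed string."""
    entries = []
    for e in ET.fromstring(feed_xml).findall("a:entry", NS):
        when = e.findtext("a:updated", namespaces=NS).replace("Z", "+00:00")
        entries.append((e.findtext("a:author/a:name", "", NS),
                        e.findtext("a:title", "", NS),
                        datetime.fromisoformat(when)))
    return entries

def suspicious_edits(entries, known_editors, burst=3, window=timedelta(hours=1)):
    """Map author -> reasons: not a known editor, or >= burst pages within window."""
    by_author = defaultdict(list)
    for author, title, when in entries:
        by_author[author].append((when, title))
    alerts = {}
    for author, edits in by_author.items():
        edits.sort()
        reasons = [] if author in known_editors else ["unknown editor"]
        for start, _ in edits:
            pages = {t for w, t in edits if timedelta(0) <= w - start <= window}
            if len(pages) >= burst:
                reasons.append("burst of %d pages" % len(pages))
                break
        if reasons:
            alerts[author] = reasons
    return alerts
```

On a publicly editable wiki, "unknown editor" alone is expected and only worth a glance; the burst reason is the one to alert on.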