Docker Hub hacked: information on about 190,000 accounts leaked, including GitHub tokens
Docker Hub published a security notice stating that on Wednesday this week its database was accessed by an unauthorized user; once the access was discovered, the security team quickly shut it down.
Even so, after investigating, Docker Hub found that sensitive information belonging to roughly 190,000 users was stolen, including hashed (encrypted) passwords.
In addition, if a user had linked a GitHub or Bitbucket repository, the corresponding tokens were leaked as well, which puts the security of those repositories at risk.
The GitHub and Bitbucket tokens stored in Docker Hub allow an attacker to modify a developer's project code, so developers should take this seriously.
For example, if an attacker tampers with a critical project and plants malicious code, that could set off a supply-chain attack, and the number of affected users would then be far larger.
Docker Hub has now revoked all of the leaked tokens and access keys, but developers are still advised to review their own code and check for problems.
The email Docker Hub sent to affected users:
Received this email a few minutes ago:

"On Thursday, April 25th, 2019, we discovered unauthorized access to a single Hub database storing a subset of non-financial user data. Upon discovery, we acted quickly to intervene and secure the site.

We want to update you on what we've learned from our ongoing investigation, including which Hub accounts are impacted, and what actions users should take. Here is what we've learned:

During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds.

Actions to Take:

– We are asking users to change their password on Docker Hub and any other accounts that shared this password.
– For users with autobuilds that may have been impacted, we have revoked GitHub tokens and access keys, and ask that you reconnect to your repositories and check security logs to see if any unexpected actions have taken place.
– You may view security actions on your GitHub or BitBucket accounts to see if any unexpected access has occurred over the past 24 hours - see https://help.github.com/en/articles/reviewing-your-security-log and https://bitbucket.org/blog/new-audit-logs-give-you-the-who-what-when-and-where
– This may affect your ongoing builds from our Automated build service. You may need to unlink and then relink your Github and Bitbucket source provider as described in https://docs.docker.com/docker-hub/builds/link-source/

We are enhancing our overall security processes and reviewing our policies. Additional monitoring tools are now in place.

Our investigation is still ongoing, and we will share more information as it becomes available.

Thank you,
Kent Lamb
Director of Docker Support
info@docker.com"
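The email asks affected users to check their GitHub or Bitbucket security logs for unexpected actions within the exposure window. The following script is an added example of how a developer might triage such a log; it is not Docker's, GitHub's or Bitbucket's code. It assumes a simplified, constructed log format (ISO-8601 timestamp, actor, action, source IP per line) and an assumed vocabulary of sensitive action names; both must be mapped onto whatever an actual provider export contains.

```python
"""Triage a source-provider security log after a token exposure.

Added example, not code from Docker or any source provider. Reads a simplified,
constructed list of audit events and flags the ones that fall inside the exposure
window, can alter repository content or access, and were not performed by a
known actor from a known IP. Field names and action names are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class AuditEvent:
    timestamp: datetime
    actor: str
    action: str
    ip: str


# Actions that can change code, keys or membership and therefore deserve review
# after a token leak. The names are assumed, not a provider's real vocabulary.
SENSITIVE_ACTIONS = {
    "git.push", "repo.add_member", "deploy_key.create",
    "oauth_access.create", "protected_branch.destroy", "hook.create",
}


def parse_event(line: str) -> AuditEvent:
    """Parse one constructed log line: '<iso-time> <actor> <action> <ip>'."""
    ts, actor, action, ip = line.split()
    # fromisoformat does not accept a trailing 'Z' before Python 3.11, so normalise it.
    return AuditEvent(datetime.fromisoformat(ts.replace("Z", "+00:00")), actor, action, ip)


def flag_suspicious(events, exposure_start, window=timedelta(hours=24),
                    known_actors=frozenset(), known_ips=frozenset()):
    """Return sensitive events in [exposure_start, exposure_start + window)
    whose actor or source IP is not on the allow-list."""
    end = exposure_start + window
    flagged = []
    for ev in events:
        if not (exposure_start <= ev.timestamp < end):
            continue                      # outside the window the notice asks about
        if ev.action not in SENSITIVE_ACTIONS:
            continue                      # read-only or uninteresting action
        if ev.actor in known_actors and ev.ip in known_ips:
            continue                      # expected actor from an expected place
        flagged.append(ev)
    return flagged


# Constructed sample log; these are not real events or addresses.
SAMPLE_LOG = """\
2019-04-25T10:02:11Z alice git.push 203.0.113.7
2019-04-25T13:40:00Z alice repo.add_member 198.51.100.9
2019-04-25T14:12:45Z docker-autobuild deploy_key.create 192.0.2.44
2019-04-26T11:00:00Z alice git.push 203.0.113.7
2019-04-25T15:00:00Z alice repo.view 203.0.113.7
"""


def triage_sample():
    """Run the triage over the constructed log with an assumed allow-list."""
    events = [parse_event(line) for line in SAMPLE_LOG.splitlines() if line.strip()]
    start = datetime(2019, 4, 25, 0, 0, tzinfo=timezone.utc)
    return flag_suspicious(events, start,
                           known_actors={"alice"}, known_ips={"203.0.113.7"})


if __name__ == "__main__":
    for ev in triage_sample():
        print(f"REVIEW {ev.timestamp.isoformat()} {ev.actor} {ev.action} from {ev.ip}")
```

On the constructed log the script flags two events: a membership change by a known user from an unfamiliar IP, and a deploy-key creation by an actor that is not on the allow-list. A push from the known user and IP, an event outside the 24-hour window, and a read-only action are left alone. The allow-list approach is deliberately simple; in practice the known IP set would come from the team's own access records.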