Exposed Git folders leave nearly two million projects open to attackers

October 27, 2022

Git, the widely used open-source version control system, has been found with almost two million .git folders of project data publicly exposed on web servers. Researchers warned that a publicly readable .git folder can hand a project's source code to anyone who asks for it, giving malicious actors material to mine for weaknesses and to reuse in further attacks.

Git lets developers coordinate work on a shared code base and tracks every change made to it. The .git folder holds the repository itself: the full commit history, the objects that make up every past version of the files, the configuration including the addresses of remote repositories, and other metadata. Once attackers find a .git folder served from a public web server, they can download it, reconstruct the source code and its history, and use what they find for data leaks and further compromise of the systems involved.

One such case is CarbonTV, an American streaming service, which suffered a data breach after leaving its Git folder open to the public. The exposure put its users' safety and the company's reputation at risk because access to the .git folder had not been locked down.

Recent research scanned IP addresses running live web servers on the most common web ports, 80 and 443, and found more than 1.9 million of them serving a publicly accessible .git folder.

Security researchers said that these publicly exposed .git folders could give threat actors access to a project's source code, which in turn can lead to further leaks and misuse of data. The study also found that most exposed folders were hosted in the United States (over 31%), followed by China (8%) and Germany (6.5%).

The researchers are also concerned about credentials stored in these exposed repositories, for example in configuration files checked in alongside the code, which attackers can misuse in a range of follow-on attacks. They stressed that once a malicious actor obtains a full copy of the repository, the possibilities for abuse are effectively endless.
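To make that concern concrete, the following Python is an added illustration, not code from the article or from the researchers. It processes the two files an attacker fetches first from an exposed folder, .git/HEAD and .git/config: it confirms that HEAD is a genuine Git reference rather than an error page, lists where the repository is pushed, and flags remote URLs that embed a username and password. The sample responses, the example.com host, the account name and the token are all constructed.

```python
"""Assess what a publicly served .git directory gives away, using the two files
an attacker fetches first: .git/HEAD and .git/config.  Added illustration, not
code from the article or the researchers; the sample responses below are
constructed (example.com host, placeholder account and token)."""
import json
import re
from urllib.parse import urlsplit

# A genuine HEAD is a symbolic ref or a bare object id (SHA-1 or SHA-256 repos);
# anything else (an HTML 404 page, a login redirect) means the folder is not
# really being served.
_HEAD_RE = re.compile(r"^(?:ref: refs/\S+|[0-9a-f]{40}|[0-9a-f]{64})$")
# Git config is INI-like: [section], [section "subsection"], tab-indented keys.
_SECTION_RE = re.compile(r'^\[([^\s"\]]+)(?:\s+"([^"]*)")?\]$')
_KEY_RE = re.compile(r"^([A-Za-z][A-Za-z0-9-]*)\s*=\s*(.*)$")

# Constructed sample responses, as an exposed server might return them.
SAMPLE_HEAD = "ref: refs/heads/main\n"
SAMPLE_CONFIG = """[core]
\trepositoryformatversion = 0
\tfilemode = true
\tbare = false
[remote "origin"]
\turl = https://deploy-bot:s3cr3t-example-token@example.com/acme/storefront.git
\tfetch = +refs/heads/*:refs/remotes/origin/*
[remote "mirror"]
\turl = git@example.com:acme/storefront.git
[branch "main"]
\tremote = origin
\tmerge = refs/heads/main
"""


def looks_like_git_head(body: str) -> bool:
    """True if the response body is a plausible .git/HEAD."""
    return bool(_HEAD_RE.match(body.strip()))


def parse_git_config(text: str) -> dict:
    """Parse git config text into {(section, subsection): {key: value}}."""
    config: dict = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if (m := _SECTION_RE.match(line)):
            current = (m.group(1).lower(), m.group(2))
            config.setdefault(current, {})
        elif current is not None and (m := _KEY_RE.match(line)):
            config[current][m.group(1).lower()] = m.group(2).strip()
    return config


def remote_urls(config: dict) -> list:
    """(remote name, url) pairs: where the code is pushed to and pulled from."""
    return [(sub, opts["url"]) for (sec, sub), opts in config.items()
            if sec == "remote" and sub and "url" in opts]


def split_credentials(url: str):
    """Return (username, redacted url) if the URL embeds user:password, a habit
    of deploy scripts; otherwise (None, url).  scp-style git@host:path URLs
    have no password component and pass through unchanged."""
    parts = urlsplit(url)
    if parts.password is None:
        return None, url
    host = parts.hostname or ""
    if parts.port:
        host = f"{host}:{parts.port}"
    redacted = parts._replace(netloc=f"{parts.username}:***@{host}")
    return parts.username, redacted.geturl()


def assess_exposed_repo(head_body: str, config_body: str) -> dict:
    """Summarise the exposure: is it a live repository, where does it push,
    and did the config hand over credentials?"""
    report = {"exposed": looks_like_git_head(head_body),
              "remotes": [], "leaked_credentials": []}
    if not report["exposed"]:
        return report
    for name, url in remote_urls(parse_git_config(config_body)):
        user, shown = split_credentials(url)
        report["remotes"].append((name, shown))
        if user is not None:
            report["leaked_credentials"].append((name, user))
    return report


if __name__ == "__main__":
    print(json.dumps(assess_exposed_repo(SAMPLE_HEAD, SAMPLE_CONFIG), indent=2))
```

The HEAD check matters because many servers answer unknown paths with a 200 and an HTML page, so a scanner that only looks at status codes overcounts; the secret is redacted in the report so the assessment itself does not become another copy of the credential.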

To reduce the risk, developers should use a .gitignore file, which tells Git which files never to track, so that secrets and local configuration do not enter the repository in the first place. This only keeps sensitive files out of new commits: it does not remove anything already present in the history, and it does nothing to stop a web server from serving the .git folder itself. Experts also caution that even private cloud-hosted repositories cannot be fully trusted, as they too can be compromised.

Developers are also advised not to leave web servers reachable directly by IP address exposed to the public internet, and to configure the access rules on those servers so that requests for any path under the .git folder are denied. Better still, deploy only the built files to the web root so the .git folder never reaches the server at all.
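The access rule described above has to decide, for every request, whether the path reaches a .git directory once percent-encoding and dot segments have been resolved; a filter that matches only the literal string "/.git/" is bypassed by an encoded or traversal variant of the same path. The following Python is an added illustration, not from the article, of that decision with those cases handled; the request paths are constructed.

```python
"""Decide whether a request reaches a .git directory, after the percent-decoding
and dot-segment resolution a web server performs before matching location rules.
Added illustration, not from the article; all request paths are constructed."""
import posixpath
from urllib.parse import unquote


def normalise_request_path(raw_target: str) -> str:
    """Reduce a request target to a canonical absolute path."""
    path = raw_target.split("?", 1)[0].split("#", 1)[0]
    # Decode twice: a double-encoded "%252e" survives one round as "%2e".
    decoded = unquote(unquote(path))
    # Treat backslashes as separators, as Windows-hosted servers do, then
    # resolve "." and ".." segments so traversal cannot hide the target.
    return posixpath.normpath("/" + decoded.replace("\\", "/").lstrip("/"))


def is_git_metadata_request(raw_target: str) -> bool:
    """True if any segment of the normalised path is the .git directory.
    Matched case-insensitively because deployments on case-insensitive
    filesystems would serve /.GIT/ too; .gitignore and similar file names
    are deliberately not matched, since only the directory exposes the repo."""
    segments = normalise_request_path(raw_target).split("/")
    return any(seg.lower() == ".git" for seg in segments)


if __name__ == "__main__":
    for target in ("/.git/HEAD", "/%252egit/HEAD", "/static/..%2F.git/config",
                   "/.gitignore", "/assets/git/logo.png"):
        verdict = "deny" if is_git_metadata_request(target) else "allow"
        print(f"{verdict:5} {target}")
```

Web servers such as nginx and Apache apply this normalisation before matching location rules, so a deny rule on the .git path there is sufficient; a check added at the application or proxy layer has to do the normalisation itself, as shown.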
