Microsoft’s open source tools were hacked to steal passwords of AI developers


Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code.

Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as Claude Code, Gemini’s command line interface, and VS Code.

According to security firm Cloudsmith and community-driven malware analysis site OpenSourceMalware, which were some of the first to flag the hack, the malware allowed the hackers to steal the users’ passwords and other sensitive credentials when they opened the compromised tools in their AI coding apps.

It’s not immediately known how many people have downloaded the affected tools. Microsoft confirmed it pulled the repos, as first reported by 404 Media.

Microsoft spokesperson Ben Hope told TechCrunch that the company has “temporarily removed some repositories as we investigated potential malicious content.” “Some of these repos have been restored after review, while others may remain offline while work continues.”

“As part of our investigation, we notified a small number of customers who may have pulled down content from the affected repositories. We will continue to investigate, and if anything further is identified that requires customer action, we will reach out directly through our established support channels,” added Hope.

Microsoft did not immediately provide the specific number of customers affected, when asked by TechCrunch.

At least 70 projects belonging to Microsoft have been “disabled,” according to a message that loads when trying to access the projects’ pages on GitHub, a code-hosting site that Microsoft owns. The message reads: “Access to this repository has been disabled by GitHub Staff due to a violation of GitHub’s terms of service.”

This is the latest example in recent months of hackers breaching widely popular open source projects with the aim of planting malware on a large number of users who have the code installed on their computers.

These hacks are known as “supply chain” attacks because they target code that is often used in a large number of software products, or by a specific kind of user. Such users can be advantageous to hack because they sometimes have access to cloud systems and large amounts of customers’ data.

While it’s not uncommon for sole developers of open source projects to be targeted by hackers — in some cases as part of long-running efforts to gain the trust of the developer — it is rare for large tech giants like Microsoft, which have the resources to defend against these kinds of attacks, to get breached.

This is Microsoft’s second known breach over the past few weeks that has allowed hackers to compromise its open source projects, per Ars Technica. In mid-May, security researchers said that Microsoft’s open source project Durable Task, a tool that helps developers build apps, was hacked.

OpenSourceMalware said that Microsoft’s latest incident is a “re-compromise” of the Durable Task project, suggesting either that Microsoft may not have eradicated the hackers on its first attempt or that this is an entirely new, distinct breach.