Shiba Inu Credential Leak May Lead to ‘Theft, Token Misappropriation, Service Interruption’

important point

Security firm PingSafe discovered that the Shiba Inu Token development team leaked AWS credentials in August.
The leaked credentials were valid for two days. It has since been removed from his GitHub repository for the project.
The issue was resolved, but after contacting the Shiba Inu team, PingSafe did not receive a response.

The team behind Shiba Inu token (SHIBA) reportedly leaked AWS credentials over two days in August.

Shiba Inu Leaks AWS Credentials

Shiba Inu secretly leaked key credentials last month.

Security firm PingSafe has released the following report: September 8 Here are the details of the survey results. On August 22, it discovered that a commit in Shiba Inu’s public GitHub repository displayed credentials related to the project’s Amazon Web Services (AWS) account.

The leak contained some data, including AWS_ACCESS_KEY and AWS_SECRET_KEY, two environment variables that allow the script to access your AWS account. In this case, the affected code was part of a shell script used to run the validator node. Layer 2 network of Shiba InuSibarium.

PingSafe said the error “severely exposed its AWS account” and could lead to security breaches, including theft of funds, embezzlement, and disruption of service.

PingSafe added that it had reached out to Shiba Inu and various developers via email and social networks to inform them of the risks, but had received no response. Security companies have also tried to find bug bounty programs and responsible disclosure policies, but have found no avenues to report problems.

Credentials were invalidated after two days, so the risk of exposure was gone. The Shiba Inu team also removed the commit containing the leak following Pingsafe’s report. Recent code commits do not contain leaked data.

Shiba Inu is not the primary target of attacks. However, it has been confirmed that the coins were stolen in a wider attack. poly network one year ago, bitmart In December, $32 million in SHIBA tokens were stolen.

Shiba Inu is currently the 12th largest cryptocurrency by market capitalization with a capitalization of $7.5 billion.

Disclosure: At the time of writing, the author of this work owned BTC, ETH, and other cryptocurrencies.

Information contained in or accessed through this website is obtained from independent sources believed to be accurate and reliable, but Decentral Media, Inc. makes no representations or warranties regarding this website. We make no representations or warranties as to the timeliness, completeness or accuracy of any information posted on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not provide individualized investment advice or other financial advice. Information on this website is subject to change without notice. Some or all of the information on this website may be outdated, incomplete or inaccurate. We may update outdated, incomplete or inaccurate information, but are under no obligation to do so.

Investment decisions regarding ICOs, IEOs, or other investments should not be made based on the information on this website. In addition, you should not interpret or rely on information on this website as investment advice. If you need investment advice regarding an ICO, IEO, or any other investment, we strongly recommend that you consult a licensed investment advisor or other qualified financial professional. We do not receive any form of compensation for analyzing or reporting on ICOs, IEOs, cryptocurrencies, currencies, tokenized sales, securities, or commodities.

look Full Terms of Use.

https://cryptobriefing.com/shiba-inu-team-leaked-aws-credentials-in-august/?utm_source=feed&utm_medium=rss Shiba Inu Credential Leak May Lead to ‘Theft, Token Misappropriation, Service Interruption’

Source