GitHub repository exposed Binance’s internal passwords and code – crypto.news

Binances source code has been openly accessible on a GitHub repository for months, with the exchange asserting that the leak posed only a negligible risk.

Journalists at 404 Media discovered what they say is a highly sensitive cache of code, infrastructure diagrams, internal passwords, and other technical information related to Binance, openly available on a GitHub repository for several months.

According to the report, the repository included a folder labeled binance-infra-2.0 with a diagram illustrating the interconnections among various components of Binances dependencies. Additionally, it contained numerous scripts and code, some of which appeared related to Binances implementation of passwords and multifactor authentication, with comments in both English and Chinese, as noted by 404 Media.

While a spokesperson for Binance confirmed the leak, noting that the information posed a negligible risk to the security of our users, their assets or our platform, the description of the takedown request showed a slightly different picture, saying that the code poses a significant risk to Binancec. and causes severe financial harm to Binance and users confusion/harm.

The spokesperson also added that the code does not resemble what we currently have in production.

As per the report, the leak contained passwords for systems marked as prod, indicating production systems rather than demo or development environments. Additionally, at least two of these passwords corresponded to Amazon Web Services servers used by Binance, the report says. However, it is unclear if a third party distributed the code maliciously or if a Binance employee accidentally uploaded it to GitHub.

Read the original here:

GitHub repository exposed Binance's internal passwords and code - crypto.news

Related Posts

Comments are closed.