Recently, a technical analysis conducted by the security staff at the Codecov data center revealed that some hacker/s could have accessed the database on a fraudulent note and this could hit the entire supply chain down under that includes many large scale companies such as Google, GoDaddy, HP, IBM and Proctor & Gamble.
Codecov that offers software auditing services to 100’s of corporate computer networks worldwide is currently investigating the cyber incident and can only provide an update after its analysts reach to a conclusion.
Technically, the company offers various tools to its clientele that assist them in analyzing the source code testing and executions needed to produce more reliable and secure products.
It is revealed that a hacker penetrated into the network of the company and tampered the Docker images that helped him/her steal admin level privileges that helped them further change a critical Bash Uploader script used by customers.
As per the sources reporting to our Cybersecurity Insiders, Codecov engineers discovered the incident on April 1st, 2021 and concluded that the modification of Bash Uploader Script was taking place since January this year.
Note- After going through the details of the incident, it easily reminds us about the supply chain attack on SolarWinds software that was discovered by FireEye Inc in November 2020. The incident shock the entire world, prompting the newly elected US President Joe Biden to start a special probe that later claimed the attack to have been launched by Russia.