Artificial intelligence-based coding platform Sourcegraph had its website compromised earlier this week by attackers leveraging inadvertently leaked site-admin access token, according to BleepingComputer.
After using the exposed token to create a new site-admin account and infiltrate the Sourcegraph website's admin dashboard, attackers escalated their account's privileges to further compromise the platform's system, reported Sourcegraph's security team, which also discovered significantly higher API usage on the same day.
"The malicious user, or someone connected to them, created a proxy app allowing users to directly call Sourcegraph's APIs and leverage the underlying LLM. Users were instructed to create free Sourcegraph.com accounts, generate access tokens, and then request the malicious user to greatly increase their rate limit," said Sonograph Head of Security Diego Comas.
Sonograph also noted that while users' names, email addresses, and license keys have been accessed in the intrusion, there has been no evidence suggesting the compromise of other personally identifiable information, usernames, passwords, and private codes.
