2
Binance Code and Internal Passwords Exposed on GitHub for Months - Slashdot
source link: https://tech.slashdot.org/story/24/01/31/1824220/binance-code-and-internal-passwords-exposed-on-github-for-months
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Binance Code and Internal Passwords Exposed on GitHub for Monthsbinspamdupenotthebestofftopicslownewsdaystalestupid freshfunnyinsightfulinterestingmaybe offtopicflamebaittrollredundantoverrated insightfulinterestinginformativefunnyunderrated descriptive typodupeerror
Sign up for the Slashdot newsletter! OR check out the new Slashdot job board to browse remote jobs or jobs in your areaDo you develop on GitHub? You can keep using GitHub but automatically sync your GitHub releases to SourceForge quickly and easily with this tool so your projects have a backup location, and get your project in front of SourceForge's nearly 30 million monthly users. It takes less than a minute. Get new users downloading your project releases today!
×
A highly sensitive cache of code, infrastructure diagrams, internal passwords, and other technical information belonging to cryptocurrency giant Binance has been sitting on a publicly accessible GitHub repository for months, 404 Media has learned. From a report: Binance only managed to have GitHub remove the data under a copyright takedown request last week, but not before 404 Media and other people managed to view it. Although there is no public evidence this data was accessed or used by malicious parties, the cache contained a wealth of information that could be useful to hackers looking to compromise Binance's systems.
"This account is using our client's internal code which poses significant risk to Binancec. and causes severe financial harm to Binance and user's confusion/harm," a section of the takedown request, available on GitHub, reads. Another section says the GitHub repository is "hosting and distributing leaks of internal code which poses significant risk to BINANCE." For example, one diagram included in a folder called "binance-infra-2.0" shows the interlocking between different parts of Binance's various dependencies. The cache also contains a wealth of scripts and code. Some of that code appears to relate to how Binance implements passwords and multi-factor authentication. The code includes comments in both English and Chinese.
"This account is using our client's internal code which poses significant risk to Binancec. and causes severe financial harm to Binance and user's confusion/harm," a section of the takedown request, available on GitHub, reads. Another section says the GitHub repository is "hosting and distributing leaks of internal code which poses significant risk to BINANCE." For example, one diagram included in a folder called "binance-infra-2.0" shows the interlocking between different parts of Binance's various dependencies. The cache also contains a wealth of scripts and code. Some of that code appears to relate to how Binance implements passwords and multi-factor authentication. The code includes comments in both English and Chinese.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK