Thinking Like a Hacker: Stealing Secrets With a Malicious GitHub Action

About This Series

Last time, a cryptocurrency scammer scanned Android APKs on the Internet Archive and found thousands of leaked Twitter API keys. After that, the scammer invested money into an altcoin and used the leaked API keys to promote the altcoin with hijacked Twitter accounts. The story ended with a classic pump-and-dump that made the crypto scammer millions of dollars at the expense of duped investors.

In this series, we will dissect not just what an attacker can do to get access to credentials, but also what they would do after getting that initial access. We will walk through a different threat scenario in each part of the series and tell stories of malicious hackers that are either true, based on a true incident, or reasonably theoretical.
