[Jenkins-infra] (fwd) RE: Your Azure Account - Terms of Use Reminder - Jenkins

Oleg Nenashev o.v.nenashev at gmail.com
Mon Aug 6 08:44:23 UTC 2018


Likely, it looks like an urgent issue so we should get all available folks
working on it. Added the security team to CC.

I have tried to investigate the issue by looking at build histories, etc.
I was not really successful, unfortunately I cannot help much on the server
side with my current permission level.

It would help if Azure support provides more info about type of the
cryptominer running there and exact timestamps. It would allow narrowing
down the scope and going through plugins to find malicious dependencies.

BR, Oleg




On Mon, Aug 6, 2018 at 10:27 AM, Olblak <me at olblak.com> wrote:

> Shouldn't we move this discussion to security?
>
> ---
> -> gpg --keyserver keys.gnupg.net --recv-key 52210D3D
> ---
>
> On Mon, Aug 6, 2018, at 12:20 AM, R. Tyler Croy wrote:
> > (replies inline)
> >
> > On Sun, 05 Aug 2018, Oleg Nenashev wrote:
> >
> > > Is any help needed with this case?
> > > Or are you handling it together with Olivier?
> >
> >
> > Olivier and I haven't had a chance to really discuss it, so any thoughts
> you
> > might have would be valuable.
> >
> >
> > My current theories are:
> >
> > * there's some repo(s) which are invoking Maven and using it to run
> > miners perhaps.
> > * The dynamic agents are coming online and somehow being infected rather
> >   quickly, somehow, with nonsense.
> >
> >
> >
> > _______________________________________________
> > Jenkins-infra mailing list
> > Jenkins-infra at lists.jenkins-ci.org
> > http://lists.jenkins-ci.org/mailman/listinfo/jenkins-infra
> > Email had 1 attachment:
> > + signature.asc
> >   1k (application/pgp-signature)
> _______________________________________________
> Jenkins-infra mailing list
> Jenkins-infra at lists.jenkins-ci.org
> http://lists.jenkins-ci.org/mailman/listinfo/jenkins-infra
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.jenkins-ci.org/pipermail/jenkins-infra/attachments/20180806/6abe7c0b/attachment.html>


More information about the Jenkins-infra mailing list