The Sysdig Threat Research Team (TRT) has discovered a new cyberattack targeting instances of the on-premises editions of the GitLab continuous integration/continuous delivery (CI/CD) platform. The attacks involve the use of binaries written in Go and .NET.
The cybercriminals behind these attacks, suspected to be based in Russia, are utilizing these binaries to conduct proxyjacking and cryptomining campaigns. The research effort, known as LABRAT, has found that these attacks employ sophisticated tactics and techniques.
