00:00:00one person installing Roblox hacks, cause Vercel to be hacked, possibly compromising
00:00:04all of your project's environment variables, and the hackers want $2 million for the stolen
00:00:09data.
00:00:10Yeah, this is a crazy and scary story, so let's jump in.
00:00:17This is Vercel's announcement of the hack, saying that they identified a security incident
00:00:21that involved unauthorized access to certain Vercel internal systems.
00:00:25These systems could access your non-sensitive environment variables, which most are by default
00:00:29by the way, and also had tons of internal corporate data.
00:00:33This is also the attacker selling that data, claiming you could release malicious NPM packages
00:00:37that would infect millions.
00:00:38But how did the attackers get this information?
00:00:40Well, for that, we need to follow the story of one Vercel employee.
00:00:44They're looking for help with that work, they're looking around for the options they
00:00:47have to offload it to AI, and they stumble across a product called Context.ai, specifically
00:00:52that legacy product called AI Office Suite, which was a tool to build presentations, documents,
00:00:57spreadsheets, and write emails on the user's behalf.
00:01:00The Vercel employee decides to give this a go, and he signs up using his Vercel Google
00:01:04Workspace account and grants it allowall permissions that gives it full access to their Google Drive
00:01:09and Gmail.
00:01:10Now, you might think that it was a little bit reckless to use a company account and give
00:01:13it allowall permissions.
00:01:14I mean, it kind of was.
00:01:16But Context.ai is a legitimate company.
00:01:19This is not the point where his Google account was stolen.
00:01:21For that, we need to go even deeper.
00:01:23We need to go to a highly privileged employee of Context.ai.
00:01:27This employee is busy building Context.ai, trying to keep up with the fast-paced AI world,
00:01:32and wants to kick back and take a break, maybe play a bit of Roblox.
00:01:35Trouble is, I guess they're not very good at the game they were playing, so they wanted
00:01:39to take a shortcut and they start looking for Roblox hacks, specifically some autofarm scripts,
00:01:44and I guess they found one and downloaded it, all on a company laptop.
00:01:49I genuinely cannot believe this is what happened, it is so dumb.
00:01:53More predictably, the Roblox hack that they downloaded had an information stealer in it,
00:01:57one that was known as LumaStealer.
00:01:59It's been a well-known information stealer that was first found in 2022.
00:02:03And once on your machine, it scrapes your live session cookies and corporate credentials.
00:02:07And in the case of our Context.ai employee, the logs from his laptop show that it got access
00:02:11to his Google Workspace credentials, as well as keys and logins for things like Superbase,
00:02:15Datadog and AuthKit.
00:02:16Anything that he was logged into on his browser was stolen.
00:02:19The attackers then used these credentials to access Context.ai's internal AWS environment,
00:02:25and while looking around in there, they hid a jackpot.
00:02:27They found and compromised a database containing the OAuth tokens for users of their legacy
00:02:32AI office suite.
00:02:33And guess whose token was sitting right there, ready to be taken?
00:02:36Our Vassal employees.
00:02:37With this token, the attackers can now pivot from Context.ai to Vassal, taking over the
00:02:41Vassal employee's Google Workspace account without ever needing a password or triggering
00:02:46a multi-factor authentication prompt.
00:02:48With this account, the attackers got access to a lot of Vassal's internal systems, like
00:02:51linear, and even a backend that could access non-sensitive environment variables of Vassal
00:02:55user projects.
00:02:56If you haven't set environment variables in Vassal before, you needed to manually check
00:03:00a box to mark the variable as sensitive.
00:03:02If you did, it would be heavily encrypted and masked from internal systems, but the default
00:03:06was non-sensitive and these can be decrypted to plain text and accessed internally.
00:03:10All of this brings us to April 19th, where the attackers, going by the name Shiny Hunters,
00:03:15post on breach forums asking for $2 million for the stolen data.
00:03:19They claim they have source code, NPM tokens, GitHub tokens, employee records, and even post
00:03:23a screenshot of the internal Vassal enterprise dashboard as proof that they have access.
00:03:27Interestingly, members of the actual Shiny Hunter group have denied any involvement in
00:03:31this, meaning it could just be an affiliate or an imposter trying to cash in on their brand,
00:03:36but regardless of that, all of this cascaded from a fucking Roblox hack.
00:03:40Once Vassal was aware of the hack, they started that incident response, and they confirmed
00:03:43that core open-source projects like Next.js and Turbo Pack were completely safe, and they
00:03:48also made it so all new environment variables now are set to sensitive by default.
00:03:52So that's the overview of the hack, but if you're a Vassal user like me, you probably
00:03:55have a lot of work ahead of you.
00:03:56You need to assume that all non-sensitive environment variables that you had on Vassal have been
00:04:00compromised, and you need to actively rotate those keys at the source.
00:04:03You can't just delete the project and move off Vassal.
00:04:06Also, if you're a company that's worried that an employee used context.ai, you can go into
00:04:10Google Workspace and audit your authorized OAuth apps, looking specifically for the compromised
00:04:14context.ai app ID, and I'll leave the link to the Infostealer blog post here that has
00:04:19details on what to do.
00:04:20The moral of the story, though, is that one over-permissioned AI tool and a random employee
00:04:24trying to cheat at Roblox is all that it takes to compromise one of the biggest infrastructure
00:04:28platforms on the web.
00:04:29Please do not download game hacks onto your work laptop, or to be honest, anything that
00:04:33you don't trust.
00:04:34Let me know what you think of all of this in the comments down below, while you're there,
00:04:37subscribe, and as always, see you in the next one.
00:04:40[Music]