For HomeFor BusinessFor Partners
Industry News
1 min read

Threat Actors Stole Source Code from SonarQube Instances of US Government Agencies, Says FBI

Silviu STAHIE

November 09, 2020

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Threat Actors Stole Source Code from SonarQube Instances of US Government Agencies, Says FBI

FBI issues a warning of a successful intrusion into some US government agencies and private businesses by unnamed threat actors who used SonarQube configuration vulnerabilities in their attacks.

SonarQube is an open-source platform used by many private and governmental agencies to track metrics history, inspect code quality and automatically review projects written in 20+ languages, among other features.

The FBI observed source code leaks from various SonarQube instances belonging to US government agencies and private US companies in the technology, finance, retail, food, eCommerce and manufacturing sectors.

“In August 2020, unknown threat actors leaked internal data from two organizations through a public lifecycle repository tool,” says the FBI. “The stolen data was sourced from SonarQube instances that used default port settings and admin credentials running on the affected organizations” networks. This activity is similar to a previous data leak in July 2020, in which an identified cyber actor exfiltrated proprietary source code from enterprises through poorly secured SonarQube instances and published the exfiltrated source code on a self-hosted public repository.”

The attackers simply scanned the Internet for open SonarQube instances that had the 9000 default port open and a publicly available IP address. In all cases, the attackers tried the default login credentials (username: admin, password: admin). This means the attacks only succeeded in all of these situations because the SonarQube instances were misconfigured.

The FBI also published a list of possible mitigations to help protect entities using SonarQube:

  • Change the SonarQube default settings, including default administrator username, password, and port (9000).
  • Place SonarQube instances behind a login screen, and check if unauthorized users have accessed the instance.
  • Revoke access to any application programming interface keys or other credentials that were exposed in a SonarQube instance, if feasible.
  • Configure SonarQube instances to sit behind your organization”s firewall and other perimeter defenses to prevent unauthenticated access.

tags

Industry News

Author

Silviu STAHIE

Silviu STAHIE

Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.

View all posts

Right now Top posts

How to Protect Your WhatsApp from Hackers and Scammers – 8 Key Settings and Best Practices
How to Tips and Tricks

How to Protect Your WhatsApp from Hackers and Scammers – 8 Key Settings and Best Practices

April 03, 2025

8 min read
Outpacing Cyberthreats: Bitdefender Together with Scuderia Ferrari HP in 2025
Industry News

Outpacing Cyberthreats: Bitdefender Together with Scuderia Ferrari HP in 2025

March 12, 2025

1 min read
Streamjacking Scams On YouTube Leverage CS2 Pro Player Championships to Defraud Gamers
Scam

Streamjacking Scams On YouTube Leverage CS2 Pro Player Championships to Defraud Gamers

February 20, 2025

5 min read
How to Identify and Protect Yourself from Gaming Laptop Scams
Scam Tips and Tricks The Safe Nomad

How to Identify and Protect Yourself from Gaming Laptop Scams

February 11, 2025

5 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

Cybersecurity Grand Prix: VPNs and a 1-2 Race Finish
Cybersecurity Grand Prix

Cybersecurity Grand Prix: VPNs and a 1-2 Race Finish
Bitdefender

December 11, 2024

3 min read
Holiday Shopping and the Dark Market Parallel
Tips and Tricks

Holiday Shopping and the Dark Market Parallel
Bitdefender

December 04, 2024

4 min read
Track Guide to Las Vegas: Cybersecurity Edition
Cybersecurity Grand Prix

Track Guide to Las Vegas: Cybersecurity Edition
Bitdefender

November 19, 2024

3 min read

Bookmarks

loader