circleci

lread 2023-01-14T16:44:47.236069Z

The incident report at https://circleci.com/blog/jan-4-2023-incident-report/ describing the breach and response is interesting. As to the malware on the engineer's laptop that the antivirus software did not pick up, I am curious as to specifics. What OS was the engineer running, what antivirus software was being used, what is the name of the malware? How did the malware infect the laptop?

gordon 2023-01-19T14:21:31.704739Z

It doesn't look like there's a plan to release more information just yet. There are some details in the public incident report that might help. One of the malicious files is a .dmg, and there's a SHA256 you could use to search VirusTotal.

lread 2023-01-19T15:11:16.966579Z

I guess we can probably assume macOS then. Thanks for trying @gordonsyme_clojurians, much appreciated. I'm not coming up with much in my searches, but I expect eventually details will come to light, if not from CircleCI then from some other sources.

gordon 2023-01-16T14:14:53.224719Z

I know the answer to some of those questions, but not all of them, and not the most interesting ones. I can't share anything publicly beyond what's already in the incident report, but I can ask if there will be any addenda to the report.

lread 2023-01-16T14:28:15.332149Z

Thanks @gordonsyme_clojurians, sharing these kinds of details might help folks to question and improve their own practices (me included, of course!).

gordon 2023-01-16T14:30:22.816219Z

I'm trying to find out if there's anything additional we can release; it's just that things get tricky once you involve forensics, insurers, and legal teams.

lread 2023-01-16T14:32:10.221489Z

Thanks for trying, much appreciated!