Crypto token’s Shiba Inu Amazon Web Service (AWS) account credentials were exposed on a public code repository, researchers say.
The credentials were valid for two days after the discovery and were disabled two days after the discovery, researchers at cybersecurity firm Pingsafe claim.
“This vulnerability severely exposed the company’s AWS account, which in our estimation has the potential to cause serious security breaches, including but not limited to user fund theft, token embezzlement, disruption of services [...], “Anandn Prakash, Pingsafe’s founder, said in a blog post.
Researchers informed Shiba Inu developers about the issue but said they had received no reply as of 8 September.
Shiba Inu crypto token was created in 2020 by an anonymous person or a collective going by the name Royshi. The coin has a market cap of over $12b.
It is named after a Japanese dog breed Shiba Inu. The coin’s creators use a depiction of the dog in its logo, leading some to confuse the coin with another crypto token, Dogecoin.
Researchers at Broadcom Software recently discovered 1,859 publicly available apps with hardcoded AWS credentials, saying that credential exposure places the entire cloud infrastructure at risk.
“The credentials could expose private authentication data and keys belonging to every banking and financial app using the SDK,” the report’s authors said.
More from Cybernews:
Subscribe to our newsletter