Cloud development and serverless deployment platform, Vercel, has confirmed a security incident which saw hackers gain access to its internal systems. The incident presents a serious risk to the Web3 space as many projects use Vercel to host their front-end interfaces.
In a security bulletin posted to its website Sunday, Vercel said that it had “engaged incident response experts to help investigate and remediate,” and had also notified law enforcement. The firm claims only a limited subset of its customers have been impacted by the breach — its services currently remain fully operational despite the incident.
Vercel’s initial investigations suggest the breach originated from a “small, third-party AI tool.” The AI tool’s Google Workspace OpenAuth app was linked to a broader breach, which Vercel claims could potentially impact “hundreds of its users across many organisations.”
Vercel’s CEO, Guillermo Rauch, later posted on X, adding more detail. He said one employee was compromised via a breach of an AI tool he was using, called Context.ai. Once this employee was compromised, the hackers appear to have been able to broaden the breach to other Vercel environments, Rauch said.
Vercel said the hack could potentially expose unprotected environment variables being used by deployments hosted on the platform. It recommended users review and change any environment variables that weren’t marked as sensitive and encouraged users to use “sensitive” environment variables in the future to prevent them from being exposed.
Related: AI Agent Boom Turns Risky: OpenClaw Exposes Millions to Hacks and Crypto Theft
Vercel’s announcement came shortly after a post was made by a user calling themselves ‘ShinyHunters’ on the cybercrime marketplace Breachforums, in which they claimed to have breached Vercel’s systems and were selling its data — including access keys, source code, database data, and access to internal deployments and API keys — for US$2 million (AU$2.7m).
ShinyHunters is the name of a well-known hacking group and extortion gang. This group has denied involvement in the Vercel hack, according to BleepingComputer.
The attacker also shared a text file containing personal data on Vercel employees, including names, email addresses and activity timestamps, along with a screenshot appearing to show an internal Vercel dashboard.
Related: Ledger Targets AI Agent Risks With Hardware-Based Security and Human Controls
In other messages being shared on Telegram, the hacker appears to claim they were in contact with Vercel regarding the breach and that they’ve discussed a US$2 million ransom to return the stolen data.
The post Vercel Breach Linked to AI Tool Compromise Raises Risk for Crypto Frontends appeared first on Crypto News Australia.
