GitHub Hit by Hacker : Asking ransom from Developers in order to Restore their Source Codes
By MYBRANDBOOK
Hackers have hit open source software development platform Microsoft-owned GitHub, removing code repositories and asking ransom from developers in order to restore their source codes.
According to a report online on Friday, hundreds of developers have had their source code repositories wiped and replaced with a ransom demand on Microsoft-owned GitHub.
"What is known is that the hacker removes all source code and recent commits from victims' Git repositories, and leaves a ransom note behind that asks for a payment in Bitcoins," the report added.
The hackers claim all source code has been downloaded and stored on one of their servers.
"To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) to our Bitcoin address 1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by email at admin@gitsbackup.com with your Git login and a proof of payment," read the ransom
message.
"If you are unsure if we have your data, contact us and we will send you a proof. Your code is downloaded and backed up on our servers.
"If we don't receive your payment in the next 10 days, we will make your code public or use them otherwise," the hackers' message read.
A GitHub search revealed that at least 392 GitHub repositories have been compromised.
Kathy Wang, Director of Security for GitLab, was quoted as saying that they immediately began investigation into the issue.
"We have identified affected user accounts and all of those users have been notified. As a result of our investigation, we have strong evidence that the compromised accounts have account passwords being stored in plaintext on a deployment of a related repository," Wang told on the report.
"We are still investigating the issue but we found evidence the 'update' scripts in some of the affected repositories hardcoded credentials in an insecure location in the deployed application," she added in an email, which notes that GitLab users can also restore their code repos. More instructions are available here.
Jeremy Galloway, a security researcher at Atlassian, which owns BitBucket, told Motherboard that the company has seen a lot of users' repositories getting hit by these hackers.
Google Pay has added "Open Wallet" shortcut
With the introduction of the "Open Wallet" shortcut, Google Pay has impro...
TRAI targets to finalise National Broadcast Policy by May-end
The Telecom Regulatory Authority of India will finalise the National Broa...
TAC Security becomes Cyber Security Assessor for the App Defen
The cybersecurity company, TAC Security has been selected as a key Cyber ...
InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce
In a move that is set to transform the AI landscape, Rahul Bhatia, Group M...
BHARAT ELECTRONICS LTD.
LAVA INTERNATIONAL LTD.
SAMSUNG INDIA ELECTRONICS PVT. LTD.
QUICK HEAL TECHNOLOGIES PVT. Ltd.
Technology Icons Of India 2023: Gautam Adani
Gautam Adani is the Founder and the Chairman of the Adani Group, an In...
Technology Icons Of India 2023: Debjani Ghosh
Debjani Ghosh is the first woman president of NASSCOM (the umbrella bo...
Technology Icons Of India 2023: Som Satsangi
With more than three decades in the IT Sector, Som is responsible for ...
ITI Limited widening its focus area
ITI Limited is a public sector undertaking company, has manufacturing ...
RailTel connecting every corner of India
RailTel is an ICT provider and one of the largest neutral telecom infr...
INDIANOIL helps reach precious petroleum fuels to every nook and corner of the country
IndianOil, a diversified, integrated energy major with presence in alm...
Crayon Software Experts India Pvt Ltd
Crayon helps its customers build the commercial and technical foundati...
SONATA INFORMATION TECHNOLOGY LIMITED
Sonata Software Limited is a leading Modernization engineering company...
INGRAM MICRO INDIA PVT. LTD.
Ingram Micro India, a large national distributor offers a comprehensiv...