Hackers attack Microsoft Github; demand ransom via bitcoin

Microsoft’s opens source development platform Github was hit by hackers, removing code repositories and asking ransom from developers in order to restore their source codes.  Hackers have been targeting GitHub accounts and have managed to access at least 392 accounts so far.  Hackers delete the code they find and leave a Bitcoin ransom demand behind. ZDNet reported, hundreds of developers have had their source code repositories wiped and replaced with a ransom demand on Microsoft-owned GitHub.
“What is known is that the hacker removes all source code and recent commits from victims’ Git repositories, and leaves a ransom note behind that asks for a payment in Bitcoins,” the report added.

The hackers claim all source code has been downloaded and stored on one of their servers.

“To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) to our Bitcoin address and contact us by email at with your login and a proof of payment,” read the ransom message.

“If you are unsure if we have your data, contact us and we will send you a proof. Your code is downloaded and backed up on our servers.”

“If we don’t receive your payment in the next 10 days, we will make your code public or use them otherwise,” the hackers’ message read.

Kathy Wang, Director of Security for GitLab, quoted that they immediately began an investigation into the issue.

“We have identified affected user accounts and all of those users have been notified. As a result of our investigation, we have strong evidence that the compromised accounts have account passwords being stored in plaintext on deployment of a related repository,” Wang told ZDNet.

Jeremy Galloway, a security researcher at Atlassian, which owns BitBucket, told Motherboard that the company has seen a number of users’ repositories getting hit by these hackers and demanding ransom in bitcoins.

LEAVE A REPLY

Please enter your comment!
Please enter your name here