Hackers Attacking GitHub Repositories for Bitcoin Ransom
GitHub, a platform where software developers from across the globe discover, share and build software, is now being attacked by hackers who aim to hijack and encrypt users’ code for a Bitcoin ransom, according to a Vice report on May 3, 2019.
Code for Bitcoin
Per sources close to the matter, bad actors have now devised a new means to extort developers by hijacking code repositories, encrypting them and asking for a crypto ransom from their owners.
Reportedly, the bad actors have found a way of breaking into GitHub and BitBucket code repositories, taking over the works of developers, asking them to pay a certain amount in bitcoin (BTC) to regain access to their code.
According to a post by a Reddit user with the moniker, u/youxufkhan, his entire repository got hijacked by hackers who left a message requesting a ransom of 0.1 bitcoin (BTC), roughly $570 at the time.
“To regain access to your lost code and avoid leaking it: Send us 0.1 Bitcoin to our address and contact us via email at [email protected] with your Git login and Proof of Payment,” declared the hackers.
The hackers also claimed that they had securely backed up the victim’s code on their servers and could send a proof to the owner if they are in doubt.
“If you are unsure if we have your data, contact us and we will send you a proof. If we do not receive payment in the next 10 days, we will expose your data to the public or use them,” threatened the hackers.
Reportedly, Jeremy Galloway, a security researcher at Atlassian, the parent company of BitBucket, has hinted that the hackers may have succeeded in taking over the code of at least 1,000 developers on GitHub. Despite the many victims, it appears that the affected devs are not playing to the tune of the cyberpunks just yet, as the hackers’ Bitcoin wallet has only received $2.99 in BTC.
Interestingly, there appears to be a ray of hope for victims’ as one of the affected devs claims to have figured out a way to recover the files from the hackers’ servers, provided the coder has a clone of the code saved on their computers.
In related news, earlier in April 2019, BTCManager informed that hackers had breached the database of Docker, a software tools development firm, stealing the data of about 190,000 users.