Hacker goes after GitHub repositories

The latest target of simpleminded hackers looking for easy cash is not what many would have expected, but which shouldn’t be surprising, either. It appears that the scammers are going after GitHub and BitBucket and are wreaking havoc with repositories, holding them for ransom unless a cryptocurrency payment is made.

Several repositories have already come under attack. Hackers will gain access to a repository and completely clean it out. They then contact the repository’s owner and request a ransom payment in order to put everything back in order.

A thread on Reddit, started by a victim, discusses the attack. He posted the message he received, which reads, “To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) [about $570] to our Bitcoin address 1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by Email at [email protected] with your Git login and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof. Your code is downloaded and backed up on our servers. If we dont [sic] receive your payment in the next 10 Days, we will make your code public or use them otherwise.”

One security researcher who works for Bitbucket parent company Atlassian, Jeremy Galloway, reports that there have been a lot of similar attacks and that upwards of 1,000 may have been hit. It’s unsure how the hackers are breaking into the accounts, but security researchers are currently trying to figure it out.

Fortunately, coders are smart and they may have already found a way to beat the hackers without having to make any payments. A thread on Stack Exchange was started by Stefan Gabos, a repository owner who had come under attack. His workaround has yet to be confirmed by a majority of coders, but it’s worth considering.

According to a scan of the BTC address included by the hackers, the crypto community is, once again, showing that it isn’t going to be duped as easily as perhaps some other segments are. Only one payment worth $2.99 has been received by the address. This is yet another example of why crypto is better and stronger than fiat.

To receive the latest CoinGeek.com news, special discounts on CoinGeek Conferences and other inside information direct to your inbox, please sign up for our mailing list.