The GitHub belonging to Microsoft and which is an open software development platform, some hackers targeted last night. They are demanding a ransom in order to return the hundreds of source code they stole.
The hackers deleted 392 GitHub accounts, stored the codes and placed them on their own server. They left a note in each account requesting a payment in Bitcoins in order to recover the stolen software.
The message reads:
“To get him back lost κώδικά σας και να αποφύγετε τη διαρροή του: Στείλτε μας 0,1 Bitcoin (BTC) to our Bitcoin address ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us via email at admin@gitsbackup.com with your Git ID and proof of payment.
If you are not sure if we have your data, contact us and we will send you a receipt. Your code has been downloaded and a backup has been created on our servers.
If we do not receive your payment within the next 10 days, we will make the code public or use it differently. "
GitLab Security Director Kathy Wang issued a statement in response to the cyber attacks:
"We have identified the affected accounts and all of these users have been notified. "As a result of our investigation, we have strong evidence that the exposed accounts had the passwords stored as plain text."
Jeremy Galloway, a security researcher at Atlassian, confirmed that a large number of GitHub users have been affected by this hack.
GitHub suggests enabling two-factor authentication factors, to add an extra layer of security to your account. See how you can to set it.