Microsoft-owned GitHub, an open source software development platform, has been targeted by some hackers last night. They demand ransom in order to return the hundreds of code sources they stole.
The hackers deleted 392 GitHub accounts, stored the codes and placed them on their own server. They left a note in each account requesting a payment in Bitcoins in order to recover the stolen software.
The message reads:
"To recover your lost password and prevent it from being leaked: Send us 0,1 Bitcoin (BTC) to our Bitcoin address ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us via email at admin@gitsbackup.com with your Git ID and proof of payment.
If you are not sure if we have your data, contact us and we will send you a receipt. Your code has been downloaded and a backup has been created on our servers.
If we do not receive your payment within the next 10 days, we will make the code public or use it differently. "
GitLab Security Director Kathy Wang issued a statement in response to the cyber attacks:
"We have identified the affected accounts and all of these users have been notified. "As a result of our investigation, we have strong evidence that the exposed accounts had the passwords stored as plain text."
Ο Jeremy Galloway, ένας ερευνητής ασφάλειας στην Atlassian, επιβεβαίωσε ότι μεγάλος αριθμός χρηστών του GitHub έχει επηρεαστεί από αυτό το hack.
GitHub suggests enabling auditing ID cardς two factors, to add an extra layer of security to your account. See how you can to set it.