Someone is hacking GitHub repositories and holding code for ransom




Hackers are breaking into private code repositories, wiping them, and demanding a ransom from their owners to restore their projects.

Ransomware, a type of attack in which hackers infect computers, encrypt their contents and ask for money in exchange for a decryption key to restore the data, has been around for decades. This new attack is a bit different, and it is unclear how successful it is: a victim reported finding a way to recover his code without paying the ransom.

The hackers are breaking into code repositories hosted on GitHub, one of the largest software development platforms in the world, and BitBucket, a similar service owned by Atlassian. GitHub did not immediately respond to a request for comment.


On Thursday, a Reddit user posted a warning about the attack, claiming that his repository had been hacked and his code removed. The intruder left a message:

"To recover your lost code and avoid leaks: send us 0.1 Bitcoin (BTC) [around $570] on our Bitcoin address 1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by email at [email protected] with your Git ID and proof of payment. If you do not know if we have your data, contact us and we will send you a proof. Your code is downloaded and saved on our servers. If we do not receive your payment within the next 10 days, we will return your code or otherwise use it."

Jeremy Galloway, a security researcher at Atlassian, the owner of BitBucket, told Motherboard in an online chat that the company had seen many user repositories hit by these hackers. Galloway said he estimates the number of victims to be at least 1,000, based on internal numbers and reports online. This seems like a good estimate, as a search for the hackers' address on GitHub returns 392 projects, as ZDNet first reported.

At this point, it is unclear how the hackers are taking over all these accounts. Galloway told Motherboard that Atlassian was investigating the incidents to try to understand that.

Despite the hundreds of victims, the hackers are not making much money for the moment. So far, the hackers' Bitcoin wallet has received only a payment of about $2.99 in Bitcoin.

The hackers have not responded to a request for comment sent to the email address they give to victims.

If your project has been hit, there is good news. A victim claims to have figured out that the hackers did not actually remove the code, and shared a relatively easy way to recover the files, as long as the victim has a clone of the code on his computer.
