Hundreds of Git Code Accounts are Hacked for Ransom

Git Coders Face Ransom

If you are a coder working in a team, then the chances are that all your work and data is stored within some form of Git repository. This allows all users to access the ‘source‘ data to ensure (in very basic terms) that everyone working on it is singing from the same hymn sheet.

As such, losing the data or even access to it can represent a very significant loss in time. Well, that and also (perhaps more significantly) money and development.

In a report via The Verge, however, various people are waking up to that potential reality as a hacker has been able to obtain details for hundreds of accounts with code stored on various Git repository websites.

How Did This Happen?

The hacker reportedly obtained the passwords by simply doing a bit of research and internet ‘leg work’. By searching online for the configuration files, apparently many users left the access passwords in (practically) plain sight.

Removing all of the data from the repositories, those logging in to start work will instead find the following message:

“To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) to our Bitcoin address ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by Email at with your Git login and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof. Your code is downloaded and backed up on our servers. If we dont receive your payment in the next 10 Days, we will make your code public or use them otherwise.”

With 0.1BTC currently trading at about $550-$580, while it isn’t a crazy amount of money, it still represents a fairly significant sum.

Who Has Been Affected?

Users from GitHub, Bitbucket, and GitLab have all been confirmed as having been targeted by this hacker. While GitHub has acknowledged the attack, they do of course (and quite rightly) absolve themselves of any blame. They didn’t, after all, make the passwords so easily available. The coders themselves did. As such, the hacker didn’t strictly ‘hack’ anything. They just found information that was freely available with just a little digging.

As such, while they sympathise with the situation, their best recommendation is for all users to firstly not put their passwords into any written format and secondly to activate the two-factor authentication.

What do you think? Do you know anyone who has been affected by this? Do you use two-factor authentication? – Let us know in the comments!

Mike Sanders

Disqus Comments Loading...

Recent Posts


ASUS TUF GAMING B650-PLUS WIFI takes all the essential elements of the latest AMD Ryzen…

16 hours ago

Samsung 870 QVO 2TB 2.5” Gen2 SATA SSD/Solid State Drive

Enhanced in every way and achieving the maximum SATA interface limit of 560/530 MB/s sequential…

16 hours ago

ASUS TUF GAMING B550-PLUS WiFi II AMD B550 WiFi 6 ATX Motherboard LN113053

TUF Gaming B550-Plus (Wi-Fi) distills essential elements of the latest AMD platform and combines them…

16 hours ago

Aerocool Dryft ARGB Mini Tower micro-ATX PC Case

Experience the stunning panoramic view of Dryft Mini. The unique design allows the full tempered…

17 hours ago

EVGA CLCx 240mm All-In-One RGB LCD CPU Liquid Cooler

Introducing the EVGA CLCx Series - the remix you've been waiting for! The CLCx Series…

17 hours ago

Montech AIR 903 BASE Black Mid Tower Tempered Glass Gaming Case

Introducing the Montech AIR 903 series – the ultimate upgrade for PC enthusiasts. It offers…

17 hours ago