Hundreds of Git Code Accounts are Hacked for Ransom

Git Coders Face Ransom

If you are a coder working in a team, then the chances are that all your work and data is stored within some form of Git repository. This allows all users to access the ‘source‘ data to ensure (in very basic terms) that everyone working on it is singing from the same hymn sheet.

As such, losing the data or even access to it can represent a very significant loss in time. Well, that and also (perhaps more significantly) money and development.

In a report via The Verge, however, various people are waking up to that potential reality as a hacker has been able to obtain details for hundreds of accounts with code stored on various Git repository websites.

How Did This Happen?

The hacker reportedly obtained the passwords by simply doing a bit of research and internet ‘leg work’. By searching online for the configuration files, apparently many users left the access passwords in (practically) plain sight.

Removing all of the data from the repositories, those logging in to start work will instead find the following message:

“To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) to our Bitcoin address ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by Email at with your Git login and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof. Your code is downloaded and backed up on our servers. If we dont receive your payment in the next 10 Days, we will make your code public or use them otherwise.”

With 0.1BTC currently trading at about $550-$580, while it isn’t a crazy amount of money, it still represents a fairly significant sum.

Who Has Been Affected?

Users from GitHub, Bitbucket, and GitLab have all been confirmed as having been targeted by this hacker. While GitHub has acknowledged the attack, they do of course (and quite rightly) absolve themselves of any blame. They didn’t, after all, make the passwords so easily available. The coders themselves did. As such, the hacker didn’t strictly ‘hack’ anything. They just found information that was freely available with just a little digging.

As such, while they sympathise with the situation, their best recommendation is for all users to firstly not put their passwords into any written format and secondly to activate the two-factor authentication.

What do you think? Do you know anyone who has been affected by this? Do you use two-factor authentication? – Let us know in the comments!

Mike Sanders

Disqus Comments Loading...

Recent Posts

Scan Pro Audio FT-16 Chromatic Clip on Guitar Tuner

Scan Pro Audio’s FT-16 Clip-On Guitar Tuner delivers rapid tuning accuracy when you need it…

13 hours ago

Fender – Player Lead II – Black

Fender created the Lead Series in 1979 in response to an influx of high-quality, low-priced…

13 hours ago

HifiMan – HE-R10D Professional Dynamic Headphones

HiFiMan's HE-R10D is a closed-back headphone designed for a natural and nuanced audio performance. It…

13 hours ago

DeepCool AK400 ZERO DARK Intel/AMD CPU Cooler with 120mm Fan

The DeepCool AK400 ZERO DARK is an all-black variant of DeepCool's highly compatible AK400 CPU…

13 hours ago

Cyber Acoustics Shasta CVL-2001 USB Condenser Microphone 

The perfect microphone for live blog streams podcast recordings voice-overs interviews skype video conferencing conference…

13 hours ago

ASUS ZenBook Duo 14″ IPS-Level Full HD Core i7 GeForce MX450 Laptop

ZenBook Duo 14 lets you get things done in style: calmly, efficiently, and with zero…

13 hours ago