Hacker steals projects on GitHub and requires redemption

Developers and users of GitHub are being overwhelmed by a wave of code hijackings with a hacker, or a group of them, requiring redemption to return works that were originally published in the repository. The affected pages no longer display the projects to show everyone a small text in which the criminal requires 0.1 bitcoin, the equivalent of about $ 2,300, to return what was stolen.

There is a deadline for this, inclusive. A good part of the kidnappings occurred last weekend and the thug requires payment in 10 days. Otherwise, the job will be erased with no chance of recovery. A contact email is also provided in the text, whereby those affected can request proof that the hacker is in possession of the codes and also where the proof of money transfer should be sent after payment has been made.

According to international press reports, it is not a security flaw in GitHub's systems, but rather a flurry of the developers themselves. The news is still few, but it appears that the hacker obtained access to the projects from configuration files, which contained passwords stored in plain text that matched those that gave access to the repository, allowing access and manipulation of the accounts of affected users.

Still, and even if it did not make an official statement on the subject, the platform would be working with those affected through its support service in an attempt to recover what was lost. In addition, of course, the main recommendation is not to make the payment, however important the code made available on GitHub is, since there is not even a guarantee that the return will happen after that.

According to one of the affected, Stefan Gabos, the attempted coup has characteristics of being automated, since other online accounts that shared the same password were not accessed. Likewise, sensitive information contained in the code has also not been obtained or released on the internet, something that matches a bot standard, which looks for the GitHub passwords available in the projects and simply tries to access, deleting what is available and replacing the message asking for the ransom if it succeeds.

Therefore, it is best to take care to ensure that projects are not easily accessed. Avoid storing passwords in plain text files and enable security procedures such as two-factor authentication in the service. In addition, it is a good recommendation to use password management applications, which are capable of creating random codes that are more difficult to break by automated systems for criminals.

The measures are worth even for the affected users, who have not lost access to their accounts in the service. For them, the recommendation is to contact the support, but other methods can also work, as indicated by Gabos himself, even if only part of the original work is recovered.

About Emmanuel

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.

0 Comments:

Post a Comment

Your comment and facebook share will be appreciated