911 Hack Removal

Git Repositories (GitHub, GitLab & BitBucket) Hacked

Updated on: March 29, 2020

Git Repositories (GitHub, GitLab & BitBucket) Hacked

Article Summary

This weekend, another shocking news started doing rounds. Git Repositories, the distributed version control for open source software was hacked. It includes GitHub, GitLab & Bitbucket as its extended channels. According to GitHub search, as many as 392 user accounts has been hacked. Further, the malefactor has deleted programmer’s source codes and version histories and replaced it.

This weekend, another shocking news started doing rounds. Git Repositories hacked- the distributed version control for open source software was hacked. It includes GitHub, GitLab & Bitbucket as its extended channels. According to GitHub search, as many as 392 user accounts have been hacked. Further, the malefactor has deleted the programmer’s source codes and version histories and replaced it.

Ransom Message by Hacker

Late Friday, many programmers saw their “commits” section erased and replaced by a hacker created ransom message. In which the hacker asked for a sum of 0.1 Bitcoin (BTC), roughly about $250 deposited to their Bitcoin address in a span of 10 days. Or to contact him on his email “admin@gitsbackup.com”.

In that same message the hacker further threatened that if he has not received the payment within 10 days, he will go on to make the source codes public or exploit them at will.

In spite of this, no programmer has shown the will to pay the hackers except one who paid a meager amount of 0.00052525 BTS, which roughly converts to $3.

Git Repositories Hacked- Detailed Report

It is still unclear as to why this exploit happened, but the conjecture is that hackers must have exploited the free SourceTree git platform. For the users who were using multiple git repositories are only the ones that are being targeted.

An official update on this case came from Kathy Wang, Director of Security at GitLab. She confirmed the issue and assured that the investigation has already begun at GitLab. She, further, said that the affected users have been identified and notified. Regarding the hack, she referred to the investigation that there are proofs of the compromised accounts having their passwords stored in public permitted files.

Also, Only those repos were affected which were hosted across a number of platforms, from GitHub and GitLab to Bitbucket. Hence, it is extremely probable that the malware is targeting loose security structure rather than a particular vulnerability.

Git Repositories Hacked- What to do?

The serious concern here is that the hacker might make the codes public or can exploit them at his will.

Following are the things that you need to take care of right now:

  • Clearly, making sure that you are not storing your passwords in your public configuration files will help you remain immune to most of the attacks on the web.
  • Also, ensure you are using multi-factor authentication for your repositories.

In a nutshell, being vigilant is the answer. Overlooking even a small security measure can result in an awful hack that you could have avoided.

Was this post helpful?

Aakanchha Keshri

Aakanchha is a technical writer and a cybersecurity enthusiast. She is an avid reader, researcher, and an active contributor to our blog and the cybersecurity genre in general. To date, she has written over 200 blogs for more than 60 domains on topics ranging from technical to promotional. When she is not writing or researching she revels in a game or two of CS: GO.

Questions? Got something to add? Let’s Talk

avatar

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Psst! Hi there. We’re Astra.

We make security simple and hassle-free for thousands
of websites and businesses worldwide.

Our suite of security products include firewall, malware scanner and security audits to protect your site from the
evil forces on the internet, even when you sleep.

earth spiders cards bugs spiders

Made with ❤️ in USA France India Germany