Skip to main content
  1. Home
  2. Computing
  3. News

Hackers demanding bitcoin payments for code held hostage from GitHub and GitLab

By

Hackers are demanding bitcoin payments in exchange for code that they have extracted from GitHub, GitLab, and Bitbucket repositories, through ransom notes that they have left behind for their victims.

Hackers have removed all the source code from the repositories, and in exchange is a ransom note that demands 0.1 bitcoin, which is equivalent to about $570. The hackers claim to be willing to send proof that they are indeed holding the code hostage, backed up on their own servers.

Recommended Videos

“If we don’t receive your payment in the next 10 days, we will make your code public or use them otherwise,” the hackers wrote to end the ransom note.

Please enable Javascript to view this content

There were a total of 392 GitHub repositories that had their commits and code wiped out by an account named gitbackup, which was created seven years ago on January 25, 2012, according to Bleeping Computer. So far, none of the victims have succumbed and paid the ransom to the hackers, which is good as there is no assurance that the code will indeed be returned.

It remains unclear how the hacker or hackers are gaining access to the repositories to be able to wipe out the stored codes and leave behind the ransom note. One user received a response from Atlassian, the company behind Bitbucket and the cross-platform free Git client SourceTree, regarding an attempted breach.

“Within the past few hours, we detected and blocked an attempt — from a suspicious IP address — to log in with your Atlassian account. We believe that someone used a list of login details stolen from third-party services in an attempt to access multiple accounts,” Atlassian told the user.

According to investigations by GitHub, in cooperation with the security teams of other affected companies, there was no evidence that the authentication systems of the repositories were compromised. It appears that the account credentials of the victims were acquired by hackers from third-party exposures, which is one of the risks of using a username and password in more than one service.

GitHub recommends its customers to use two-factor authentication, in conjunction with strong passwords, for better protection. However, one victim said that the hackers were still able to gain access even with two-factor authentication enabled, suggesting a vulnerability within GitHub’s systems.

Editors’ Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received an NES and a copy of Super Mario Bros. for Christmas when he was four years old, and he has been fascinated…
One of the best work-from-home laptops is $120 off at Dell
The Dell Inspiron 15 on a white background.

Dell laptop deals love to tempt us all year round, and today we're seeing a great option to help prepare you for the new year. Today, you can buy the Dell Inspiron 15 for $330 instead of $450. We consider it to be one of the best laptops around for anyone working from home and keeping costs down. Read on and we’ll take you through what it has to offer, but remember, that $120 discount won’t stick around forever.

Why you should buy the Dell Inspiron 15
Check out our extensive guide to the best laptops for working from home and you’ll see the Dell Inspiron 15 riding high up top. The range is well priced while offering just the hardware you need for a great experience when working. This particular model has an AMD Ryzen 5 7520U CPU as well as 8GB of RAM and 512GB of SSD storage. Basic stuff, sure, but the design of the laptop is built to last and very robust for the price.

Read more
Prepare your wallet — this RTX 5090 PC costs over $6,000
Acer Predator Orion 7000 sitting on a table.

It's safe to say that no one expects Nvidia's best graphics cards to be cheap, but wow, these leaked listings are something else. Otto.de, a German retailer, briefly listed two Acer Predator Orion gaming PCs equipped with the RTX 5090 and the RTX 5080, and the prices are pretty crazy. The PC that comes with the RTX 5090 was priced at 5,999 euros, or around $6,240.

These listings were taken down shortly after they appeared, but VideoCardz snapped some screenshots before it was too late. Both seem to be newer versions of the Acer Predator Orion, and are equipped with Nvidia's upcoming RTX 50-series graphics cards and Intel's Core Ultra 200 series CPUs.

Read more
Intel’s promised Arrow Lake autopsy details up to 30% loss in performance
The Core Ultra 9 285K socketed into a motherboard.

Intel's Arrow Lake CPUs didn't make it on our list of the best processors when they released earlier this year. As you can read in our Core Ultra 9 285K review, Intel's latest desktop offering struggled to keep pace with last-gen options, particularly in games, and showed strange behavior in apps like Premiere Pro. Now, Intel says it has fixed the issues with its Arrow Lake range, which accounted for up to a 30% loss in real-world performance compared to Intel's in-house testing.

The company identified five issues with the performance of Arrow Lake, four of which are resolved now. The latest BIOS and Windows Updates (more details on those later in this story) will restore Arrow Lake processors to their expected level of performance, according to Intel, while a new firmware will offer additional performance improvements. That firmware is expected to release in January, pushing beyond the baseline level of performance Intel expected out of Arrow Lake.

Read more