Git source code repositories were wiped by a hacker and demanding a ransom in bitcoin
A number of developers have discovered that code files stored on Git repositories such as Github and Gitlab have been deleted and demanded a ransom in bitcoin. A hacker asks the developer to pay 0.1 bitcoin for about $570, and a hacker will return the code library backup file. However, many developers are not clear about how the above-mentioned well-known code repositories have account leaks so that developers around the world can continue to maintain trust.
After an investigation by these code hosting platforms, it was confirmed that the main responsibility of this hacked incident was that the developer divulged the account password and did not configure two-factor authentication. The investigation mainly found that the code fragment in the hacked code library actually included the account password. These developers have not two-factor authentication, which causes the attacker to log in directly to the code base. According to preliminary statistics, only 392 code bases have been tampered with and deleted on Microsoft’s Github platform, and the content of extortion comments left by attackers is the same.
Fortunately, these deleted content has not actually been successfully deleted. Instead, the hacker only changes the repository’s commit header. This means that at least some of the files can be successfully recovered. If you want to recover deleted files, you can click here to view the help files provided by others. Of course, it is also reminded here that developers must improve their security awareness. This time, the impact of extortion is relatively small.