chepicap.com
A new ransom technique is apparently sweeping the software development platform, GitHub, in which hackers scalp code repositories, and threaten creators with either publicizing the code or using it themselves, asking for a (fairly) modest fee for its safe return…
This isn’t an isolated incident either, according to ZDNet the appropriation and subsequent ransom of code has occurred on more than 392 GitHub repositories.
The attacker’s modus operandi typically involves the stealing of code, wiping of the repository and the placement of a ransom ‘note’ which demands the payment of 0.1 BTC (currently $570) and an email providing proof of payment.
This attack is a little more sophisticated than the usual scams as it targets software developers who are bound to hold BTC, or at least have the know-how to purchase some.
The attacker is noted to have compromised accounts with weaker, or previous leaked passwords.
GitHub made a statement on this potential leakage, blaming “third-party exposure”:
“At this time, it appears that account credentials of some of our users have been compromised as a result of unknown third-party exposures. We are working with the affected users to secure and restore their accounts.”
Thankfully and rather hysterically, the attackers supposed BTC address is yet to receive little more than 0.0005 BTC amounting to little under $3 … Let’s hope it stays that way.
Have you ever been a victim of a crypto hack or scam? Let us know in the comments.