GitHub source code was hacked; even Microsoft was not spared.

On the other hand, after picking up the hood, I laughed at the housemates who had a sigh of relief... Asi~ Are you finished with such a serious farce? In the security world, it is often unclear what is true and what is false. The latest news says that GitHub has been hacked: hundreds of source code repositories have been stolen and held for a bitcoin ransom.

However, this is probably just a farce. Why say that? Read on.

According to cnBeta, Microsoft's Git repositories were looted by hackers; it seems Microsoft was not spared.

Microsoft has confirmed that its open source platform was also hacked yesterday, and that payment was demanded for the return of the 392 stolen source code repositories. The code and commit information of these repositories were deleted by an account named "gitbackup".

According to the message, the hacker deleted all the source code and recent commits in the victim's Git repository, leaving only a ransom note demanding 0.1 bitcoin (about ¥3850).

The ransom note reads: "To recover the lost code, please send 0.1 BTC to the bitcoin address 1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and send the Git login information and proof of payment to If you are not sure if you hold your data, the information can be sent for verification. If payment is not received within 10 days, the code will be made public or otherwise used."

Upon hearing the news, GitHub responded: "At the moment, we are contacting the affected users to protect and restore their accounts." The BitcoinAbuse platform shows that the bitcoin address has not yet received a ransom.

GitHub recommends that users turn on two-factor authentication to add an extra layer of security to their accounts.

The attack began on May 3, and in addition to GitHub, multiple code hosting platforms, including Bitbucket and GitLab, were also affected.

According to the message, the hacker deleted all the data in the repository, but is that true?

Kathy Wang, Director of Security at GitLab, issued a statement in response to the cyberattack: "We have identified the affected user accounts and have notified all of them. Based on the investigation results, we have sufficient evidence that the account passwords for the compromised accounts were stored in plaintext in a deployment of a related repository."

In other words, Kathy Wang believes that the hacker's claim in the ransom note to have deleted all the data in the repository may not be true. Not everything was deleted? How so? In fact, this is the conclusion reached by members of the StackExchange Security forum after an in-depth study of the attack.

The study found that "in general, the 'git reflog' flag shows all the data submitted, which means that it is difficult for an attacker to clone each repository, so they have a low chance of finding sensitive data or publishing code in the source code. Therefore, this attack is more like a random, large-scale attack, and the attack itself is generated by a script."

They found that, contrary to the ransom note, the hacker did not seem to have completely removed the data, but only changed the Git commit header, which means that the data can likely be restored under certain circumstances.
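
The recovery path the forum analysis points to, as an added shell example that is not from the original article: a constructed local repository has its branch tip swapped for a note commit, and the previous commit is then located through `git reflog` and restored. The repository, the file names and the `evidence-tampered` branch name are assumptions made for the demo.

```shell
#!/bin/sh
# Added example. Everything here is constructed: a throwaway local repo
# stands in for a developer's clone; file and branch names are made up.

# Build a repo with two real commits, then swap the branch tip for an
# unrelated "note" commit so the old history is unreachable but not erased.
make_demo_repo() {
    repo=$(mktemp -d) || return 1
    (
        cd "$repo" && git init -q . &&
        git config user.email "dev@example.invalid" &&
        git config user.name "Demo Dev" &&
        git config commit.gpgsign false &&
        echo 'int main(void) { return 0; }' > app.c &&
        git add app.c && git commit -q -m "initial code" &&
        echo '/* v2 */' >> app.c && git commit -q -am "second change" &&
        branch=$(git symbolic-ref --short HEAD) &&
        git checkout -q --orphan note && git rm -q -rf . &&
        echo "placeholder note text" > NOTE.txt &&
        git add NOTE.txt && git commit -q -m "ransom note" &&
        git branch -f "$branch" note && git checkout -q "$branch" &&
        git branch -D note
    ) >/dev/null 2>&1 || return 1
    echo "$repo"
}

# Walk the HEAD reflog newest-first and print the first commit whose tree
# still contains a file known to exist before the incident.
find_last_good() {   # $1 = repo, $2 = known path
    git -C "$1" reflog show --format='%H' HEAD | while read -r sha; do
        if git -C "$1" cat-file -e "$sha:$2" 2>/dev/null; then
            echo "$sha"
            break
        fi
    done
}

# Keep the tampered tip on its own branch for incident response, then
# move the current branch back to the recovered commit.
recover() {          # $1 = repo, $2 = known path
    good=$(find_last_good "$1" "$2")
    [ -n "$good" ] || return 1
    git -C "$1" branch evidence-tampered HEAD &&
        git -C "$1" reset -q --hard "$good"
}
```

Reflogs are local to each clone, are not transferred by clone or fetch, and their entries expire, so this works from a developer's existing checkout and not from a fresh clone of the hosted repository.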

