A hacker is wiping Git repositories and asking for a ransom

Posted on May 5, 2019

A hacker is wiping Git repositories and asking for a ransom

Hundreds of developers have had had Git source code repositories wiped and replaced with a ransom demand. The attacks started earlier today, appear to be coordinated across Git hosting services (GitHub, Bitbucket, GitLab), and it is still unclear how they are happening. What it is known is that the hacker removes all source code and recent commits from vitcims’ Git repositories, and leaves a ransom note behind that asks for a payment of 0.1 Bitcoin (~$570).

The hacker claims all source code has been downloaded and stored on one of their servers, and gives the victim ten days to pay the ransom; otherwise, they’ll make the code public. To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) to our Bitcoin address ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by Email at admin@gitsbackup.com with your Git login and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof.

Your code is downloaded and backed up on our servers. If we dont receive your payment in the next 10 Days, we will make your code public or use them otherwise.

Source: zdnet.com