Hacker Demands Ransom For Stolen Git Code Repositories

Late last week, a hacker stole data from hundreds of Git code repositories and is holding it all for ransom on their servers, threatening to release code to the public if the owners don’t pay up.

The breach was discovered when GitHub users found the following note in place of their code:

“To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) to our Bitcoin address ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by Email at admin@gitsbackup.com with your Git login and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof. Your code is downloaded and backed up on our servers. If we dont receive your payment in the next 10 Days, we will make your code public or use them otherwise.”

Even though the hackers have given the company 10 days to pay, there may still be a way to retrieve the data without paying the ransom. Security experts are looking into the same vulnerabilities the hacker found and hope the data can be retrieved. The hacker supposedly combed through the internet for Git config files, then extracted credentials listed in plain text to gain access. The moral of the story here (and I can’t believe I’m actually having to say this in 2019): don’t store your passwords in plain text. It’s dumb, and it puts other people’s data at risk.
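A defensive check for the exposure described above, as an added example that is not part of the original article: it walks a directory tree, reads each `.git/config`, and reports remote URLs that embed a password, with the secret redacted. It assumes the plain-text credentials take the form `https://user:password@host/...`; the sample config, host and account are constructed.

```python
import os
import re
import sys
from urllib.parse import urlsplit, urlunsplit

SECTION = re.compile(r'^\s*\[([^\]]+)\]')
KEYVAL = re.compile(r'^\s*([A-Za-z][A-Za-z0-9-]*)\s*=\s*(.*?)\s*$')
# Constructed sample of a .git/config; host, user and password are made up.
SAMPLE_CONFIG = """[remote "origin"]
    url = https://alice:s3cretpass@git.example.com/team/app.git
    fetch = +refs/heads/*:refs/remotes/origin/*
[remote "mirror"]
    url = git@git.example.com:team/app.git
"""

def find_embedded_passwords(config_text):
    """Return (section, key, redacted_url) for URL values of the assumed user:password@host form."""
    findings, section = [], ""
    for line in config_text.splitlines():
        if (m := SECTION.match(line)):
            section = m.group(1)
            continue
        m = KEYVAL.match(line)
        if not m or "://" not in m.group(2):
            continue  # refspecs and scp-style SSH remotes are not URLs
        try:
            parts = urlsplit(m.group(2))
        except ValueError:
            continue  # malformed URL, nothing to inspect
        if not parts.password:
            continue  # user-only URLs (ssh://git@host/...) carry no password
        userinfo, _, hostport = parts.netloc.rpartition("@")
        redacted = f"{userinfo.split(':', 1)[0]}:***@{hostport}"
        findings.append((section, m.group(1), urlunsplit(parts._replace(netloc=redacted))))
    return findings

def scan_tree(root):
    """Yield (config_path, finding) for every readable .git/config below root."""
    for dirpath, dirnames, _ in os.walk(root):
        path = os.path.join(dirpath, ".git", "config")
        if ".git" in dirnames and os.path.isfile(path):
            dirnames.remove(".git")  # no need to descend into the object store
            with open(path, encoding="utf-8", errors="replace") as fh:
                for finding in find_embedded_passwords(fh.read()):
                    yield path, finding

if __name__ == "__main__":
    for path, (section, key, url) in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{path}: [{section}] {key} = {url}")
```

Any URL it reports should be rewritten without the password and the exposed credential rotated.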

Kathy Wang, GitLab’s director of security, insisted in a statement to ZDNet that users can protect themselves against future attacks like this one by using password management tools locked down with two-factor authentication.
