Submitted via IRC for SoyCow0152
Hundreds of developers have had Git source code repositories wiped and replaced with a ransom demand.
The attacks started earlier today, appear to be coordinated across Git hosting services (GitHub, Bitbucket, GitLab), and it is still unclear how they are happening.
What is known is that the hacker removes all source code and recent commits from victims' Git repositories, and leaves a ransom note behind that asks for a payment of 0.1 Bitcoin (~$570).
The hacker claims all source code has been downloaded and stored on one of their servers, and gives the victim ten days to pay the ransom; otherwise, they'll make the code public.
Source: https://www.zdnet.com/article/a-hacker-is-wiping-git-repositories-and-asking-for-a-ransom/
(Score: 2, Funny) by Anonymous Coward on Monday May 06 2019, @08:20AM
Oh noes.... my open source code that was available for anyone to download will be released to the public.
Seriously, if you don't want your code on the net, host your own server in-house. It's not rocket science and every in-house dev can have a "backup" on his/her system to work with.
(Score: 0) by Anonymous Coward on Monday May 06 2019, @08:27AM (2 children)
Interesting. I don't think the guy will rake up a lot of money, though. Most projects do not feature code breakthroughs and the projects with them have already been reverse engineered by the competition. Did somebody not have any local copy relying only on git? hm?
(Score: 0) by Anonymous Coward on Monday May 06 2019, @01:07PM (1 child)
And how exactly am I (or the developer) supposed to know that what the extortionist puts back is what was there before? How do we know that the blackmailer hasn't put some back doors or other malicious software into the code when it's returned?
(Score: 2, Informative) by Anonymous Coward on Monday May 06 2019, @02:13PM
The same way you know that the remote copy of your git repository is the same one you're working on locally: through git tree hashes. If the two aren't the same, git will abort on a diverted history.
(And yes, there's a possible hash collision attack there -- but underhanded C becomes a lot harder if the underhanded code must also match the original file hash).
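Added example, not part of the comment above or of the original thread: one way to run the hash comparison that comment describes, checking what a remote now serves against a trusted local clone without touching the local branch. The function names, the `refs/verify/` scratch namespace and the two temporary repositories are constructed for illustration.

```shell
#!/usr/bin/env bash
# Classify what a remote serves relative to a trusted local branch.
# Prints: identical | remote-ahead | local-ahead | diverged | unrelated
check_remote() {   # usage: check_remote <local_repo> <remote_url> <branch>
  local repo="$1" url="$2" branch="$3" mine theirs
  mine=$(git -C "$repo" rev-parse "refs/heads/$branch") || return 2
  # Fetch into a scratch ref so the trusted branch is never modified.
  git -C "$repo" fetch -q --no-tags "$url" \
      "+refs/heads/$branch:refs/verify/$branch" || return 2
  theirs=$(git -C "$repo" rev-parse "refs/verify/$branch")
  if [ "$mine" = "$theirs" ]; then echo identical
  elif git -C "$repo" merge-base --is-ancestor "$mine" "$theirs"; then echo remote-ahead
  elif git -C "$repo" merge-base --is-ancestor "$theirs" "$mine"; then echo local-ahead
  elif git -C "$repo" merge-base "$mine" "$theirs" >/dev/null 2>&1; then echo diverged
  else echo unrelated   # no shared commit: the history was rebuilt, not restored
  fi
}

# Constructed fixture: commit one file on branch main in a new repository.
make_repo() {      # usage: make_repo <dir> <file_content>
  git init -q "$1"
  git -C "$1" symbolic-ref HEAD refs/heads/main
  printf '%s\n' "$2" > "$1/main.c"
  git -C "$1" add main.c
  git -C "$1" -c user.name=demo -c user.email=demo@example.invalid \
      commit -q -m "initial"
}

demo() {           # prints one verdict per simulated remote
  local t; t=$(mktemp -d)
  make_repo "$t/work" 'int main(void){return 0;}'      # trusted local clone
  git clone -q --bare "$t/work" "$t/faithful.git"      # byte-for-byte restore
  make_repo "$t/rebuilt" 'int main(void){return 1;}'   # "restored" with one line changed
  check_remote "$t/work" "$t/faithful.git" main
  check_remote "$t/work" "$t/rebuilt" main
  rm -rf "$t"
}

demo   # prints "identical" then "unrelated"
```

Anything other than `identical` or `remote-ahead` with commits you recognise means the returned history should be reviewed commit by commit before anyone pulls from it.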
(Score: 5, Informative) by Anonymous Coward on Monday May 06 2019, @08:44AM (2 children)
so I understand the bit about closed-source code being made public, that means they got unauthorized access to your data.
but why would anyone care about them "deleting" the online repository? git is decentralized. If you have a local clone, you have everything already, and you are supposed to have backups of your local clone anyway (since you're supposed to have backups of your home folder).
(Score: 3, Insightful) by darkfeline on Tuesday May 07 2019, @03:34AM (1 child)
So they actually notice the ransom note.
I wouldn't be surprised if this started out with the attacker dropping a file in the repository, then noticing he got back zero responses within the deadline.
The kind of company that would get hit by this attack probably wouldn't notice a benign "Add ransom note" commit; just git pull; git push, business as usual.
Now, deleting the entire repo, it'd be kinda hard not to notice that.
Join the SDF Public Access UNIX System today!
(Score: 1, Troll) by realDonaldTrump on Tuesday May 07 2019, @05:55AM
This one is massive Clickbate. Article says they "remove." WRONG. Because, Article also says they DO NOT DELETE. At BOTTOM of Article. It even has Link -- how to Recovery!!!!
(Score: -1, Troll) by Anonymous Coward on Monday May 06 2019, @09:23AM
Git was selected to be the only source of online repositories. The rest were systematically dismantled. There can still be other repositories but as long as git is mostly used, the rest do not matter.
(((They))) are looking at collectivising all resources. Never underestimate the evil they are capable to unleash on humanity. Being non-humans themselves, they cannot imagine how real people feel.
(Score: 0, Troll) by realDonaldTrump on Monday May 06 2019, @10:11AM (9 children)
The 1st. came from Anomalurus. But, it looked like somebody that possibly knew what he, or she was talking about. With the Link to, somebody's Website. The 2nd. came an hour later. With the Link to Main Stream Media. Which in turn -- they got the story from that same Website as in the first Sub. And Editors went with the 2nd. Sending more people, more money to MSM. Too bad!!!!
(Score: 0, Flamebait) by realDonaldTrump on Monday May 06 2019, @10:59AM (6 children)
(cont) By the way, Headline is Fake News. Because, they're not wiping. Crooked Hillary wiped, she had some very expensive cyber for wiping. These crooks don't wipe. They aren't wiping at all. And folks can get their very special cyber back very easily. WITHOUT PAYING ONE PENNY IN BITCOIN. As the Article, if you look near the end of it, says. And as the 1st. Sub said so well. So much better. But, rejected by incompetent Editors!!!
(Score: 3, Interesting) by J_Darnley on Monday May 06 2019, @12:07PM (4 children)
I'm sorry realDonaldTrump but it was Fact Checked(TM) that Hilary did not wipe her server with a corrosive chemical. https://twitter.com/NBCNews/status/785299709342654465 [twitter.com] It. Was. Fact. Checked.
(Score: 2) by c0lo on Monday May 06 2019, @12:29PM (2 children)
even God can't read it [bleachbit.org].
And some of the comments are delicious.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Tuesday May 07 2019, @02:56AM (1 child)
How.. does one.. taste .. ... ... comments?
(Score: 2) by c0lo on Tuesday May 07 2019, @09:19AM
That's an acquired taste, you have to experience it on your own.
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 0) by Anonymous Coward on Monday May 06 2019, @03:50PM
Please don't feed the trolls. They'll only come back begging for more.
(Score: 2) by DannyB on Monday May 06 2019, @01:56PM
Before you complain about others not wiping, you should learn these important skills for yourself. [amazon.com] This is one of the very first skills that all members of society are expected to master very early in life. No need for you to hire immigrants to do the job for you.
Try new WIPO brand which can be found here [wipo.int].
When trying to solve a problem don't ask who suffers from the problem, ask who profits from the problem.
(Score: 0) by Anonymous Coward on Monday May 06 2019, @12:21PM (1 child)
Do you mean this [soylentnews.org]?
If they had merged the submissions this could have been included. I did see the first sub, and would have pulled mine if I could. Oh well. The editors will do what they will. Time to go scare at the clouds.
(Score: 1, Troll) by realDonaldTrump on Monday May 06 2019, @08:44PM
Thank you, that's it. That's the one. Sad that the Editors, and the Down Modders prefer to Clickbate. And hide the true information. Super dumb!!!!
(Score: 0) by Anonymous Coward on Monday May 06 2019, @02:26PM
What I read was unclear, but some people had weak passwords, some were working on repos that were exposed by their web server.
(Score: 2) by realDonaldTrump on Wednesday May 08 2019, @01:46AM
Article is Fake News. It says, crooks delete -- erase. But, look at end (bottom) of Article. Link to, how to "recover." Very easy to "recover" the Cyber. Because, nothing was deleted. Nothing was erased. Nothing wiped. All Cyber still totally O.K. Just, crooks put in a scarey message. Like the scarey Fake Article!!!!