A hacker wiped some git repos and is asking for ransom in bitcoins. What a shitshow. I'm telling you this guy is messing with the wrong people!

The root cause as reported was weak passwords and unremoved tokens.

@jespersh He's emailing some proofs that he has the code. Yeah, but even I'm skeptical.

@jespersh This is the message -

To recover your lost code and avoid leaking it: Send us 0.1 Bitcoin (BTC) to our Bitcoin address ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA and contact us by Email at admin@gitsbackup.com with your Git login and a Proof of Payment. If you are unsure if we have your data, contact us and we will send you a proof. Your code is downloaded and backed up on our servers. If we dont receive your payment in the next 10 Days, we will make your code public or use them otherwise.

I can’t wait to see the public repo.

@Biggy some people want to wait and watch the world burn 😂😂

It's pretty much BS. If you have the local repo you can just git reset head

@DeepSpace What about companies holding private repos? Making that public is going to cost dearly.

Dear hacker,
the code you hold, is actually in every developers' local git repo, so we have many backup and all the history ourselves.

As for exposing the code in public, you'll actually make us a favour, as we need help fixing bugs and security issues.

We would publish it as open source ourselves, but we don't have much time.

Can you please publish it on github for us? I'll be glad if you can make it by tomorrow.

You can also contribute with a couple of patches.
We can't pay you in bitcoin as per company policy , but we can send you some little Amazon gift or even some food.

Let me know your preferences.

@deviloper Savage 😂😂

How does one "wipe some git repos"?

Like on github or what?

@b3b3 So here's my guess - the hacker got hold of a token on the user's desktop by some malware. He used that token to gain access to the user's git account. From there, he cloned the repo and then deleted it. Deleting a repo is a destructive activity. I'm unsure if GitHub/BitBucket archive your repos.

@deviloper Bahhahahahahahahahha now THAT would be a nice response. Really nice ! Don't forget to tell him to hurry up with the upload, because the boss is waiting, and send him a bunch of bugs to fix while they're at it.

@jespersh Did you check that? Or are you just speculating ?

@jespersh damn, okay someone should alert all the affected repo owners

People with public repos, but no backups are stupid and have to learn the hard way.

Companies who seriously host business critical code at some external site like Github are even more stupid and deserve to go bankrupt.

No damage done.

It became apparent that some idiots added username:password to the urls in .git/config (a file that is pushed to the remote repo) instead of using ssh keys. These people deserve to get ""hacked""