Hackers have broken into code repositories located on GitHub, one of the world's largest software development platforms, and affected at least 392 different repositories. Hackers demand payment of 0.1 BTC ($558), as well as an email confirming that the ransom has been paid.
A report about hacking was made by a user of Reddit, who stated that he had found a warning about the attack. Moreover, the user noted that the used repository was hacked, and the code was deleted. At the same time, the attackers left a message requiring payment of 0.1 BTC with confirmation letter. As it was stated by hackers, they promised to return the code after the payment. For now, the number of victims reaches about 300 people.
Apparently, code stores on similar GitHub services, including Bitbucket and GitLab, were also attacked. Criminals got the opportunity to delete the code by reaching accounts with weak passwords or using personal data leaks.
In the statement, GitHub team said that they are working now with the users that faced hacking striving to restore accounts and their security. It was confirmed that some accounts have been "compromised" by third-pary actions.
At the moment it is not clear whether any valuable code is affected, since many repositories are public and store a large number of unused or unsuccessful projects. Experts intend to restore the affected repositories in the near future.
To protect their customers, GitHub and other services recommend that users use the two-factor identification method.
And for the time being, it's unclear how hackers crack accounts. Despite hundreds of victims, the number of ransoms for the code remains small. The hackers' bitcoin wallet received only one payment of about $3.