GitHub repositories are being attacked and wiped in new extortion scam

Sead Fadilpašić

7 June 2024 at 11:23 am·2-min read

GitHub users are falling victim to an ongoing extortion campaign that threatens to delete their data for good.

Cybersecurity researchers from CronUp have warned of a threat actor with the alias Gitloker breaking into people’s GitHub accounts, stealing the contents, and then wiping the accounts clean.

After that, the attacker would leave a note in the account, inviting the victim for a Telegram chat, where they could negotiate the return of the files, in exchange for money: "I hope this message finds you well. This is an urgent notice to inform you that your data has been compromised, and we have secured a backup," the threat actor says in the ransom note.

Securing your GitHub account

At this time, it is unknown how Gitloker managed to compromise these accounts. BleepingComputer speculates that they’re likely using credentials stolen in earlier attacks. Alternatively, they might have obtained them on the dark web.

Given its huge populairty, GitHub often faces a barrage of different cyberattacks, and users should do their part in securing their files on the platform by enabling two-factor authentication, or setting up a passkey as an alternative to a password-based login. They should review and revoke unauthorized access to SSH keys, deploy keys, and authorized integration, and should verify all email addresses associated with their account.

Finally, they should keep track of security logs and manage webhooks.

Usually, threat actors would try to smuggle malware into GitHub repositories, often by means of typosquatting. They would create a repository with a name almost identical to that of a legitimate package, and use automated bots to give it a high rating and a few solid reviews. After that, they would advertise it in coding communities and similar forums.

Besides GitHub, PyPI is another popular code repository that often struggles to contain hacking campaigns.

More from TechRadar Pro

GitHub under attack — millions of malicious cloud repositories bombard website
Here's a list of the best firewalls around today
These are the best endpoint security tools right now

The Independent
I was at the Trump-Biden presidential debate and it became very clear what had gone wrong
When the debate ended, the Biden surrogates were nowhere to be found — until they emerged, grim-faced, as a group, and the rumors began. Andrew Feinberg reports on what happened behind the scenes at the first presidential debate in Atlanta, Georgia — and why the president’s performance went so badly
Evening Standard
Police investigate video 'showing female prison officer having sex with inmate in Wandsworth Prison cell'
The Ministry of Justice called in police after the video was released online
Associated Press
An Indian military tank sinks while crossing a river in a region bordering China, killing 5 soldiers
Five Indian soldiers were killed when a military tank they were travelling in sank while crossing a river in the remote region of Ladakh that borders China, officials said Saturday. The tank sank early Saturday due to sudden increase in the water levels of Shyok River during a military training activity, according to an Indian army command center statement. It said the accident took place in Saser Brangsa near the Line of Actual Control that divides India and China in the Ladakh region.
The Guardian
Who could replace Joe Biden? Here are six possibilities
With Biden not yet officially endorsed as Democratic presidential candidate, it is in theory open to the party to choose another candidate
Twentytwo13
Malaysians on tenterhooks after Johor Regent takes on Selangor Sultan in public domain
The football drama in Malaysia has reached fever-pitch, with the spotlight now on the Johor and Selangor palaces. The post Malaysians on tenterhooks after Johor Regent takes on Selangor Sultan in public domain appeared first on Twentytwo13.
The Independent
‘Panic mode’ Democrats begin calling for Biden to step aside after ‘horrible’ debate performance against Trump
‘Need to have Harris take over. Cleanest option,’ one Democrat strategist told The Independent
The Telegraph
‘This wasn’t a debate, it was a medical emergency’: Our writers give their verdicts
Follow the latest reaction in our live blog
The Telegraph
‘Trillion dollar trainwreck’: US super stealth fighter is eating the next generation
All of a sudden, the US Air Force is considering cancelling a multibillion-dollar effort to develop a new stealth fighter. Citing the high cost of the so-called “Next-Generation Air Dominance” programme and the competing demands of other projects, USAF leaders have warned they may have no choice but to cancel NGAD – and find other ways of winning control of the air in future wars.
People
Griff Is Giving Away the Dress She Wore to Open for Taylor Swift: ‘Wanted to Pass It Down’
The singer revealed she is giving away her "But Daddy I Love Him"-inspired dress she wore when she opened at the Eras Tour on June 22
CNN
China expels two former defense ministers from Communist Party as military purge deepens
China on Thursday expelled its former Defense Minister Li Shangfu from the ruling Communist Party over corruption allegations, state broadcaster CCTV reported, eight months after he was dramatically removed from the post.
SETHLUI.COM
Owners of private diner with 2 years waitlist open curry mee stall at Havelock Food Centre
The post Owners of private diner with 2 years waitlist open curry mee stall at Havelock Food Centre appeared first on SETHLUI.com.
INSIDER
A grinding Russian assault appears telling about Putin's plan to defeat Ukraine
ISW's conflict experts warned that the West must "challenge Putin's belief that he can gradually subsume Ukraine."
Evening Standard
Transfer news LIVE! First Arsenal signing; Chelsea in new Isak bid; Gordon to Liverpool twist; Man Utd latest
Stay up to date with the latest deals, updates, rumours and gossip during the summer window
INSIDER
It took a woman 3 years and cost her $200K to kick a tenant out of her LA home. She says she cried when she saw the bloody mess he left.
Alison Weinsweig told BI about her three-year ordeal with a tenant, which ended in over $200,000 in losses, a legal battle, and blood-stained floors.
Hello!
Victoria Beckham's new dress will have the royal family queuing up
Victoria Beckham's latest dress is a monochrome style that is very royal-esque! Kate Middleton, Meghan Markle and Duchess Sophie have all worn the wife of David Beckham's designs.
BuzzFeed
Flight Attendants Are Sharing The Most Entitled Passengers They've Ever Had To Deal With, And I'm Disgusted
"Every so often, we get the odd straggler who boards last and finds a vacant seat in first or business, thinking that we won't know that they are from coach."
Reuters
Huawei's Harmony aims to end China's reliance on Windows, Android
Packed into a small room, a drone, bipedal robot, supermarket checkout and other devices showcase a vision of China's software future - one where an operating system developed by national champion Huawei has replaced Windows and Android. The collection is at the Harmony Ecosystem Innovation Centre in the southern city of Shenzhen, a local government-owned entity that encourages authorities, companies and hardware makers to develop software using OpenHarmony, an open-source version of the operating system Huawei launched five years ago after U.S. sanctions cut off support for Google's Android. While Huawei's recent strong-selling smartphone launches have been closely watched for signs of advances in China's chip supply chain, the company has also quietly built up expertise in sectors crucial to Beijing's vision of technology self-sufficiency from operating systems to in-vehicle software.
BBC
One dead as roof collapse smashes cars at Delhi airport
Videos show crushed cars and broken pillars after a canopy over Terminal 1 collapses, killing one person.
Barrons.com
Alibaba Stock Has Languished While Tencent Has Soared. One Reason Why.
Shares in Tencent, like much of the rest of Chinese tech, have been slammed since Beijing began a crackdown on technology companies in late 2020.
The Telegraph
New York Times calls on Joe Biden to step down
The New York Times has called on Joe Biden to stand down from the presidential race and relinquish the Democratic nomination to a “stronger candidate” who would have a better chance of beating Donald Trump.

Securing your GitHub account

More from TechRadar Pro

Latest stories