According to cyber forensics course specialists, GitHub, open source software development platform, has been the target of a campaign of aggressive cyberattacks. During the attacks, the threat actors removed code repositories and demanded the developers a ransom in exchange for restoring the deleted code.
The first reports indicate that the attack would
have occurred during last Friday, May 3; So far we know of a hundred cases of
developers who suffered the removal of their source code.
The ransom note received by the affected users
claims that the source code was downloaded and stored on an anonymous server,
controlled by the attackers. Developers have a ten-day deadline to meet the
hackers’ demands, cyber forensics course specialists mentioned. The note
concludes by stating that, if the ransom is not received, hackers will publicly
disclose the stolen source code.
GitHub, owned by Microsoft
several months ago, conducted an internal investigation, concluding that at least
392 repositories are compromised. GitHub cyber forensics course team claims
that all administrators of the accounts committed during the attack have
already been notified about the incident.
A statement published by the software
development platform mentions: “As a result of the investigation, we discovered
enough evidence to confirm that the compromised accounts kept their access
codes stored in plain text in user-related repositories”, a determining
factor for the attack to succeed.
Specialists from the International Institute of
Cyber Security (IICS) highlight the growing number of security incidents on
Microsoft-owned platforms. In recent days, the access codes for some Microsoft
employees were extracted, leading to unauthorized access to multi-user Outlook
accounts, information theft, and even cryptocurrency theft in some cases.
Last year, Microsoft paid over $2M USD due to
its vulnerability bounty program; this year, the company announced an expansion
of the program that will encompass its various services and platforms,