GitHub repositories targeted in cyber-extortion attacks

Published:

spot_img

GitHub Extortion Campaign: “Gitloker” Wiping Clean Repositories

An unknown user operating under the alias “Gitloker” has been wreaking havoc on GitHub by seizing and erasing repositories in an effort to extort victims. The campaign, brought to light by a researcher at Chilean cybersecurity firm CronUp, has been ongoing since at least February 2024. Reports from GitHub community forums suggest that multiple users have fallen victim to this scheme, although the full extent of the attacks remains unknown.

According to CronUp researcher German Fernandez, the attackers are exploiting a GitHub commenting and notification feature to carry out their phishing emails. By utilizing the legitimate “notifications@github.com” email address and manipulating sender names, the attackers have been successful in luring victims into their trap. The campaign operates through two domains: “githubcareers.online” and “githubtalentcommunity.online.”

One victim described how the attacker uploaded repos to their account and left behind an extortion note demanding $1,000 to prevent data exposure. Other users reported receiving fake recruiting emails and security alerts, all leading to the same malicious domains. GitHub has advised users to review their active sessions, personal access tokens, change passwords, and reset two-factor recovery codes if they suspect their account has been compromised.

The implications of Gitloker’s actions are dire, as some victims have been threatened with the release of confidential data unless a hefty ransom is paid. GitHub has assured users that they are investigating all reports of abusive activity and encourages the community to report any suspicious behavior. As the cybersecurity battle on GitHub intensifies, vigilance and proactive measures are crucial to safeguarding sensitive information.

spot_img

Related articles

Recent articles

Dubai Real Estate Experts Reveal 3 Predictions Following Record $17 Billion Sales in April

Insights from Dubai's Real Estate Roundtable: A Path Forward As Dubai's property market continues to soar to new heights, an exclusive roundtable organized by Property...

EDDIESTEALER Malware Bypasses Chrome’s Encryption to Steal Browser Data

New Malware Campaign: The Rise of EDDIESTEALER A recent cybersecurity report has unveiled a concerning trend involving a new malware campaign that disseminates a Rust-based...

91% of Leaders Confront AI Threats: A Security Review

VAST Data Unveils a Groundbreaking AI Operating System Transforming the Future of Computing In a world increasingly shaped by artificial intelligence, VAST Data has taken a...

U.S. Authorities Seize NT$200 Million in Assets from Dark Web Drug Suspect

Major Asset Seizure Tied to Taiwanese Drug Operative Overview of the Case Taipei prosecutors recently announced the seizure of assets valued at over NT$200 million (approximately...