topic New Gitloker attacks wipe GitHub repos in extortion scheme in Threats https://community.isc2.org/t5/Threats/New-Gitloker-attacks-wipe-GitHub-repos-in-extortion-scheme/m-p/71291#M1222 <P>Hi All</P><P>&nbsp;</P><P>Attackers are targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram for more information.</P><P>These attacks are part of what looks like an ongoing campaign <A href="https://x.com/1ZRR4H/status/1798412587484496068" target="_blank" rel="nofollow noopener">first spotted</A> on Wednesday by Germán Fernández, a security researcher at Chilean cybersecurity company CronUp.</P><P>The threat actor behind this campaign—who has the <A href="https://t.me/gitlokers" target="_blank" rel="nofollow noopener">Gitloker</A> handle on Telegram and is posing as a cyber incident analyst—is likely compromising targets' GitHub accounts using stolen credentials.</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/" target="_blank">https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 18 Jun 2024 22:22:21 GMT Caute_cautim 2024-06-18T22:22:21Z New Gitloker attacks wipe GitHub repos in extortion scheme https://community.isc2.org/t5/Threats/New-Gitloker-attacks-wipe-GitHub-repos-in-extortion-scheme/m-p/71291#M1222 <P>Hi All</P><P>&nbsp;</P><P>Attackers are targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram for more information.</P><P>These attacks are part of what looks like an ongoing campaign <A href="https://x.com/1ZRR4H/status/1798412587484496068" target="_blank" rel="nofollow noopener">first spotted</A> on Wednesday by Germán Fernández, a security researcher at Chilean cybersecurity company CronUp.</P><P>The threat actor behind this campaign—who has the <A href="https://t.me/gitlokers" target="_blank" rel="nofollow noopener">Gitloker</A> handle on Telegram and is posing as a cyber incident analyst—is likely compromising targets' GitHub accounts using stolen credentials.</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/" target="_blank">https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 18 Jun 2024 22:22:21 GMT https://community.isc2.org/t5/Threats/New-Gitloker-attacks-wipe-GitHub-repos-in-extortion-scheme/m-p/71291#M1222 Caute_cautim 2024-06-18T22:22:21Z