Hundreds of developers have had had Git source code repositories wiped and replaced with a ransom demand.
The attacks started earlier today, appear to be coordinated across Git hosting services (GitHub, Bitbucket, GitLab), and it is still unclear how they are happening.
What it is known is that the hacker removes all source code and recent commits from vitcims' Git repositories, and leaves a ransom note behind that asks for a payment of 0.1 Bitcoin (~$570).
The hacker claims all source code has been downloaded and stored on one of their servers, and gives the victim ten days to pay the ransom; otherwise, they'll make the code public...
A WAY TO RECOVER
The good news is that after digging through a victim's case, members of the StackExchange Security forum have found that the hacker does not actually delete, but merele alters Git commit headers, meaning code commits can be recovered, in some cases.
Instructions on how to recover mangled Git repositories are available on this page...
Read more: A hacker is wiping Git repositories and asking for a ransom | ZDNet