Stories
Slash Boxes
Comments

SoylentNews is people

Alleged San Francisco Muni ‘Hacker’ Demanded $73,000 Ransom

posted by on Tuesday November 29 2016, @05:06AM   Printer-friendly
from the all-your-fare-are-belong-to-us dept.

Phoenix666 and -- OriginalOwner_ both sent in this story:

People using San Francisco's Muni public transportation, which consists of buses, streetcars, Metro light rail and cable cars, rode for free over the holiday weekend. [...] Some of those people thought the free rides were part of a Thanksgiving gift or "Black Friday deal," but anyone who happened to glance at San Francisco Muni station computer screens knew better. On Friday and Saturday, the screens all displayed:

You Hacked, ALL Data Encrypted, Contact For Key(cryptom27@yandex.com)ID:681 ,Enter Key.

[...] SFMTA spokesman Paul Rose said the hack was discovered on Friday, but all fare machines were back to normal on Sunday. The "Muni subway fare gates were locked in an open position and could not be electronically closed;" Rose claimed the fare gates were intentionally opened to promote free Muni service.

It was not a targeted attack, according to the San Francisco Examiner. After the news outlet contacted the Yandex email address listed in the ransom note, someone going by "Andy Saolis" claimed the ransomware "infected an admin level computer after someone at SFMTA downloaded a torrented computer file, a software keycode generator."

Original Submission #1   Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Alleged San Francisco Muni ‘Hacker’ Demanded $73,000 Ransom | Log In/Create an Account | Top | 18 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Tuesday November 29 2016, @07:44AM

    by Anonymous Coward on Tuesday November 29 2016, @07:44AM (#434378)

    I have been hacked too, most likely by javascript on an ad. That was several years ago. You guys saved my ass on that one.

    Since then its NoScript, and if MalwareBytes couldn't clean up the mess, CloneZilla.

    I had backups and it took me several days to recover most everything. Now, using the wisdom some of you shared with me, if it should happen again, I will be down less than an hour - thanks to CloneZilla, where the disk images mean I won't have to re-install and get authenticated on everything again.

    Personally, this kind of thing is do-able for me, but should I have this happen to me in the corporate world, where other people have to be involved - especially non-technical types whose expertise is in leadership, not technical stuff, I could see where this kind of thing could be a major undertaking. I have been there, done that, where minor snags turn into multimillion dollar fiascos, eventually solved by the leadership skills of throwing a helluva lotta money ( provided by investors ) at the problem, earning substantial bonuses for the leadership team in the process.

    No wonder our computational infrastructure is in such an untrustworthy mess when the people running the show seem to be paid by the fuchup.