San Francisco’s public transport agency suffered a crippling malware attack on Friday evening, as criminal hackers held the locked-up system to ransom for 100 bitcoins on Thanksgiving weekend.
Passengers were allowed to ride the rail system for free as over 2,100 different computers were affected within the Municipal Transportation Agency’s colossal network, including ticket kiosks, office desktop computers, email servers and SQL databases.
According to passengers, screens briefly displayed a message from the hackers behind the infection: “You Hacked, ALL Data Encrypted, Contact For Key ([email protected]) ID:601.”
The lethal malware, which was a variant of a known strain called HDDCryptor, usually hits a system when an email or attachment hosting it is opened or downloaded. From there the malware gets to work, quickly encrypting hard drives and essential network files by generating random encryption keys. Newer versions of this malware also scramble the hard drive’s master boot record (MBR), holding the system hostage.
The extortionists behind the attack in San Francisco over the weekend demanded the equivalent of $73,000 be paid in bitcoins before they would free the network. The Yandex email address the hackers made appear on screen has been used in previous malware attacks. It offers each victim a personal ID through which to contact the malware gang.
Yandex is a Russian email provider, and journalists at the Verge who contacted the address reported that they had received the following response in broken English from those claiming responsibility:
“we don’t attention to interview and propagate news ! our software working completely automatically and we don’t have targeted attack to anywhere ! SFMTA network was Very Open and 2000 Server/PC infected by software ! so we are waiting for contact any responsible person in SFMTA but i think they don’t want deal ! so we close this email tomorrow!”
In a public statement to the press, the Municipal Transport Agency’s [SFMTA] spokesperson Paul Rose explained, “We are focused now on working to investigate the matter fully to find out all other details … [A]t this point there is no impact to transit service, to our security systems or to our customers’ private information.”
According to news site Hoodline, some ticket kiosks were back up and running by Sunday morning. In a statement, the SFMTA said, “The situation is now contained, and we have prioritized restoring our systems to be fully operational.”
The SFMTA has made no statements as to how this was achieved or whether officials had given in by simply paying the ransom. The downed network reportedly cost the city over $500,000 per day in uncollected fares.
David Gilmour is a reporter who specializes in national politics, internet culture, and technology.