- YouTube love triangle: ProJared’s mistress Commander Holly makes startling accusations 2 Years Ago
- Middle schoolers investigated for allegedly serving semen crepes to teachers 2 Years Ago
- Memelord from Reddit’s r/The_Donald joins Trump onstage at rally 2 Years Ago
- Read the wild list of demands Trump’s possible new immigration czar had Today 8:48 AM
- Here’s what’s coming and going on Hulu in June 2019 Today 7:30 AM
- Hulu and George Clooney strike gold with ‘Catch-22’ Today 7:00 AM
- How to cut the cord when you’re broke Today 6:30 AM
- Jazz pianist turns Cardi B flex video, James Charles apology into viral bops Today 6:28 AM
- How to watch Netflix on Linux Today 6:00 AM
- Fortnite streamer Tfue sues gaming organization FaZe Clan over contract dispute Today 12:28 AM
- Report finds some users can’t opt out of Facebook’s face recognition Monday 7:27 PM
- Get emotional over this real-life pastor baptizing an anime girl in virtual reality Monday 6:53 PM
- Twitter wants to know what Jack in the Box did to offend Kim Kardashian Monday 6:38 PM
- ‘Game of Thrones’ meme claims King’s Landing is an ‘inside job’ Monday 6:06 PM
- Report: Personal data of 49 million Instagram influencers exposed online Monday 4:57 PM
Hackers held San Francisco’s transit system hostage over Thanksgiving weekend
Russian malware gang appear to be behind the attack.
San Francisco’s public transport agency suffered a crippling malware attack on Friday evening, as criminal hackers held the locked up system to a ransom of 100 bitcoins on Thanksgiving weekend.
Passengers were allowed to ride the rail system for free as over 2,100 different computers were affected within the Municipal Transportation Agency’s colossal network including ticket kiosks, office desktop computers, email servers and SQL databases.
According to passengers, screens briefly displayed a message from the hackers behind the infection: “You Hacked, ALL Data Encrypted, Contact For Key ([email protected]) ID:601.”
The lethal malware, which was a variant of a known strain called HDDCryptor, usually hits the system when a email or attachment hosting it is opened or downloaded. From there the malware virus gets to work, quickly encrypting hard drives and essential network files by generating random encryption keys. Newer versions of this malware also scramble the hard drive’s master boot record (MBR) locking the system hostage.
The extortionists behind the attack in San Francisco over the weekend demanded the equivalent of $73,000 be paid in bitcoins before they would free the network. The Yandex email address the hackers made appear on screen has been used in previous malware attacks. It offers each victim a personal ID through which to contact the malware gang.
Yandex is a Russian email provider, and journalists at the Verge who contacted the address reported that they had received the following response in broken English from those claiming responsibility:
“we don’t attention to interview and propagate news ! our software working completely automatically and we don’t have targeted attack to anywhere ! SFMTA network was Very Open and 2000 Server/PC infected by software ! so we are waiting for contact any responsible person in SFMTA but i think they don’t want deal ! so we close this email tomorrow!”
In a public statement to the press, the Municipal Transport Agency’s [SFMTA] spokesperson Paul Rose explained, “We are focused now on working to investigate the matter fully to find out all other details … [A]t this point there is no impact to transit service, to our security systems or to our customers’ private information.”
According to news-site Hoodline, some ticket kiosks were back up and running by Sunday morning. In a statement, the SFMTA said, “The situation is now contained, and we have prioritized restoring our systems to be fully operational. ”
The SFMTA has made no statements as to how this was achieved or whether officials had given in by simply paying the ransom. The downed network reportedly cost the city over $500,000 per day in uncollected fares.
David Gilmour is a reporter who specializes in national politics, internet culture, and technology. He previously covered civil liberties, crime, and politics for Vice.