- Philadelphia to fire 13 officers for racist, violent Facebook posts Saturday 6:12 PM
- Nick Offerman is so down to play every single role in ‘Cats’ Saturday 4:27 PM
- Woman documents how airport staff broke her wheelchair Saturday 3:04 PM
- Funeral home allegedly posted photos of woman’s dead body on social media Saturday 1:56 PM
- Alinity Divine is being investigated after throwing her cat during stream (updated) Saturday 12:04 PM
- ‘Comedians In Cars Getting Coffee’ returns with Seinfeld making a racist joke about China Saturday 10:26 AM
- YouTubers Eugenia Cooney and Shane Dawson make a joint comeback Saturday 9:06 AM
- The crushing effects of Trump’s abortion ‘gag rule’ on healthcare Saturday 8:00 AM
- How to live stream Pacquiao vs. Thurman Saturday 6:20 AM
- Review: Hulu with Live TV ensures you always have something to watch Saturday 6:00 AM
- How to live stream UFC on ESPN 4: Rafael dos Anjos vs. Leon Edwards Saturday 5:49 AM
- 2020 Democrats refuse to answer our questions about ‘Cats’ Friday 4:14 PM
- Belle Delphine’s Instagram account removed after mass reporting campaign Friday 4:08 PM
- Mariah Carey refuses old-age FaceApp challenge Friday 3:19 PM
- Journalists horrified by consolidation of Gatehouse, Gannett Friday 3:12 PM
Hackers held San Francisco’s transit system hostage over Thanksgiving weekend
Russian malware gang appear to be behind the attack.
San Francisco’s public transport agency suffered a crippling malware attack on Friday evening, as criminal hackers held the locked up system to a ransom of 100 bitcoins on Thanksgiving weekend.
Passengers were allowed to ride the rail system for free as over 2,100 different computers were affected within the Municipal Transportation Agency’s colossal network including ticket kiosks, office desktop computers, email servers and SQL databases.
According to passengers, screens briefly displayed a message from the hackers behind the infection: “You Hacked, ALL Data Encrypted, Contact For Key ([email protected]) ID:601.”
The lethal malware, which was a variant of a known strain called HDDCryptor, usually hits the system when a email or attachment hosting it is opened or downloaded. From there the malware virus gets to work, quickly encrypting hard drives and essential network files by generating random encryption keys. Newer versions of this malware also scramble the hard drive’s master boot record (MBR) locking the system hostage.
The extortionists behind the attack in San Francisco over the weekend demanded the equivalent of $73,000 be paid in bitcoins before they would free the network. The Yandex email address the hackers made appear on screen has been used in previous malware attacks. It offers each victim a personal ID through which to contact the malware gang.
Yandex is a Russian email provider, and journalists at the Verge who contacted the address reported that they had received the following response in broken English from those claiming responsibility:
“we don’t attention to interview and propagate news ! our software working completely automatically and we don’t have targeted attack to anywhere ! SFMTA network was Very Open and 2000 Server/PC infected by software ! so we are waiting for contact any responsible person in SFMTA but i think they don’t want deal ! so we close this email tomorrow!”
In a public statement to the press, the Municipal Transport Agency’s [SFMTA] spokesperson Paul Rose explained, “We are focused now on working to investigate the matter fully to find out all other details … [A]t this point there is no impact to transit service, to our security systems or to our customers’ private information.”
According to news-site Hoodline, some ticket kiosks were back up and running by Sunday morning. In a statement, the SFMTA said, “The situation is now contained, and we have prioritized restoring our systems to be fully operational. ”
The SFMTA has made no statements as to how this was achieved or whether officials had given in by simply paying the ransom. The downed network reportedly cost the city over $500,000 per day in uncollected fares.
David Gilmour is a reporter who specializes in national politics, internet culture, and technology. He previously covered civil liberties, crime, and politics for Vice.