Hacker

San Francisco’s Muni transit system reportedly hit by ransomware

Life
Image: IDGNS

28 November 2016

San Francisco’s Muni transit system was reportedly hit by ransomware since Friday, leading to the message “You Hacked, ALL Data Encrypted” being displayed on the computer screens at stations, according to newspaper reports.

The message asked that cryptom27 at yandex.com should be contacted for the key to unlock the data.

Fare payment machines at stations also displayed that they were out of service, and San Francisco’s Municipal Railway, widely known as Muni, was allowing free rides on its light-rail vehicles as it was unable to charge customers.

The ransomware is believed to be a variant of HDDCryptor, which uses commercial tools to encrypt hard drives and network shares, according to CSO’s Salted Hash.

Trend Micro said in September that the malware is a threat both to consumers and enterprises as it not only “targets resources in network shares such as drives, folders, files, printers, and serial ports via Server Message Block (SMB), but also locks the drive”.

On Sunday, the San Francisco Examiner was reporting that the computer systems at the transit system had been restored. It said that a person, who may have spread the ransomware was demanding $73,000 from Muni to unlock its data.

It isn’t clear at this point whether the transit system paid up to unlock its data or took other measures. The bitcoin wallet the attacker referred to in e-mail communications referenced by Salted Hash was still empty late Sunday, suggesting that no payment was made at at least into that wallet.

IDG News Service

Read More:


Back to Top ↑

TechCentral.ie