
Ransomware Crooks Demand $70,000 After Hacking San Francisco

Thread replies: 2
Thread images: 1

http://www.forbes.com/sites/thomasbrewster/2016/11/28/san-francisco-muni-hacked-ransomware/

>Criminals have been causing much grief with ransomware, whether knocking out businesses or entire hospitals with their infections. San Francisco’s transport system is the latest to suffer. This weekend, previously-known PC ransomware found its way onto computers at the Municipal Transportation Agency, hitting the city’s light rail system, the Muni. The hackers reportedly demanded 100 Bitcoin, worth roughly $70,000, though it’s unlikely they’ll ever get paid as systems are back online.

>On Saturday, the hackers left a brief message on Muni ticketing systems: “You Hacked, ALL Data Encrypted.” They went on to explain in broken English that their attacks weren’t targeted, indicating the Muni was hit in a so-called “spray and pray” attack, according to reports. “We don’t attention to interview and propagate news! Our software working completely automatically and we don’t have targeted attack to anywhere! SFMTA network was Very Open and 2000 Server/PC infected by software! So we are waiting for contact any responsible person in SFMTA but I think they don’t want deal! So we close this email tomorrow!”

>But rather than shut down the network, the attack simply led to machines being turned off and passengers allowed to grab free rides. Muni’s systems also appear to have been cleaned of infection as of today.

>“There’s no impact to the transit service, but we have opened the fare gates as a precaution to minimize customer impact,” Muni spokesperson Paul Rose told media. “Because this is an ongoing investigation it would not be appropriate to provide additional details at this point.”
...
>>
>Who are the hackers?

>The extortionists behind the hack have a long history in demanding ransom from web users. They use the address [email protected], telling victims that if they wanted access to their data they needed to pay for an encryption key.

>One victim who’d been targeted by the same mail address wrote on Bleeping Computer that they’d discovered the malware in use was HDDCryptor. Bleeping Computer and security firm Trend Micro both noted a surge in activity from that ransomware variant from August onwards.

>“HDDCryptor not only targets resources in network shares such as drives, folders, files, printers, and serial ports via Server Message Block (SMB), but also locks the drive. Such a damaging routine makes this particular ransomware a very serious and credible threat not only to home users but also to enterprises,” Trend Micro researchers Stephen Hilt and William Gamazo Sanchez wrote in a blog post.

>“HDDCryptor, like ransomware as a service (RaaS), embodies how little effort can go a long way. At the crux of it is how HDDCryptor utilizes commercially available software to do its nefarious bidding, and ultimately how affected end users and businesses foot the bill for these cybercriminals.”

>Different email addresses have been attached to HDDCryptor ransomware messages, however, which could indicate numerous criminals have access to the malware or that one group is using multiple addresses to cover their tracks. Whoever they are, they’re succeeding in causing disruption and forcing victims to hand over ransoms. In September, one of the malware operators, using the email address [email protected], had acquired four payments of between $600 and $700.


This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.