San Francisco's Light-Rail System Being Hacked For Ransom, Updates Here!
Unfortunately, the San Francisco Municipal Railway (SFMR) riders got an unexpected surprise over this weekend after the system's computerized fare systems were apparently hacked. According to the San Francisco Examiner, the MUNI system had been attacked on Friday afternoon.
The MUNI riders were surprised when they were greeted with printed "Out of Service" and "Metro Free" signs on ticket machines on late on Friday and Saturday. MUNI first became aware of the intrusion on Friday, according to the Examiner.
Computer screens at MUNI stations displayed a message: "You Hacked, ALL Data Encrypted. Contact For Key(firstname.lastname@example.org)ID:681 ,Enter." MUNI Spokesman Paul Rose spoke to the Examiner and noted that his agency was "working to resolve the situation," but refused to provide additional details.
In September, Morphus Labs linked a hacker by the same name to a ransomware strain called Mamba, which employs tactics similar to those demonstrated against MUNI.
This isn't the first California organization to face such an issue: earlier this year, Hollywood Presbyterian Medical Center discovered that its files were being held for a $3.6 million ransom. Ransomware attacks typically occur when a malicious file is downloaded onto a computer and executed. Once a victim pays the demanded ransom, the files will be decrypted.
Representatives of MUNI did not immediately responded to a request for comment. We'll update this post if we hear more.
"We don't attention to interview and propagate news ! our software working completely automatically and we don't have targeted attack to anywhere ! SFMTA network was Very Open and 2000 Server/PC infected by software ! so we are waiting for contact any responsible person in SFMTA but i think they don't want deal ! so we close this email tomorrow!" Hacker confirmed in an email that he was seeking a deal with MUNI to undo the damage.