San Francisco’s Rail System Hacker Unraveled

Technology - Akanksha Singh - Nov 30, 2016


An investigation of more than a dozen Bitcoin wallets revealed that the hacker has successfully extorted more than $140,000 from several victim organizations.

On Friday, San Francisco’s Municipal Transportation Agency (SFMTA) was hit by ransomware. Computers at almost all of the terminals of SFMTA’s Municipal Rail system (Muni) were hacked and displayed the same encrypted message, followed by the hacker’s email address for dialogue. For all the clueless metro riders, the free rides of Friday night and Saturday could have been a holiday gift from the San Francisco transportation department.

The hacker who made all of that possible demanded 100 Bitcoins, almost $73,000, in ransom for unlocking the agency’s computer systems. Muni, refusing to go down silently, did not pay up. Instead, transportation officials shut down the whole system’s ticket machines and threw open the fare gates as a precaution, then contacted the Department of Homeland Security and their technology division to counter the attack. By Sunday morning, the ticket machines and fare gates started working, and by Monday most of the hacked systems were up and running.

On Monday, the website KrebsOnSecurity was contacted by a security researcher who said that he had hacked the “Muni hacker’s” email inbox after reading about the Muni incident. The researcher, who wishes to remain anonymous, said that he had compromised the extortionist’s inbox and reset the attacker’s email password by guessing the answer to his secret question.

Copies of the inbox contents revealed that the hacker had apparently succeeded in extorting 63 Bitcoins, around $45,000, from a U.S.-based firm. The attacker appeared to be in the habit of sending ransomware to various organizations around the world and demanding a ransom in return for a ‘decryption’ key. According to the summary of his various Bitcoin wallets, which he was continuously juggling (no wonder why), he had successfully extorted around $140,000 from numerous organizations around the world.