The hacker who hacked San Francisco mass transit got hacked himself

Advertisement

Advertisement
Mr Robot

USA

Over the weekend, San Francisco's bus and trolley system, called Muni by locals, got hacked with ransomware

Someone got into Muni's computer system and threatened to lock its administrators out until they paid 100 bitcoin, or about $73,000, to the ransomer. Muni had to make all rides free on Saturday, although most systems are back in working order. 

But in a stroke of irony, it turns out the person who hacked Muni ended up getting hacked himself, Brian Krebs reported on Tuesday morning. 

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

The ransom note had an email address (cryptom27@yandex.com) for Muni administrators to contact in order to arrange the payment. A security researcher was able to get access to that email inbox by guessing the answer to the hacker's secret question, and leaked the inbox to Krebs. 

Advertisement

 

The stolen emails seen by Krebs even show the hacker had pulled off successful ransom heists before, at one point extorting about $45,000 from a U.S.-based manufacturing firm.

Other bitcoin wallets in the emails suggest the hacker had collected at least $140,000. The hacker had tried to extort several manufacturing and construction firms in the United States. 

The number could be higher because the hacker used several email addresses, some of which were not accessible. Krebs suggests the hacker may be from Iran.

Ransomware can be scary. Muni computer screens read "You are Hacked. ALL Data Encrypted," and the hacker is threatening to release 30 gigabytes of internal Muni data.

Advertisement

If you're worried about ransomware, you should make sure your systems are regularly backed up, and your backups are not on the same network as the systems they're backing up. Here are some additional FBI recommendations about how to best deal with ransomware

The entire Krebs report is fantastic and worth a read as one of the best looks into this shadowy corner of the internet available today.

NOW WATCH: What those tiny rivets on your jeans are for