San Fransisco’s computerized fare system has been hacked.
Riders on San Fransisco’s Municipal Railway (MUNI) had a strange surprise waiting for them on Friday when they attempted to buy tickets on the railway’s computerized fare system. Beginning on Friday afternoon, the fare terminals were hacked, and the ticket machines had signs taped to them saying “Out of Service” and “Metro Free”.
Computer screens at the MUNI stations also displayed a strange message which suggests the terminals had been infected with ransomware: “You Hacked, ALL Data Encrypted. Contact For Key(firstname.lastname@example.org)ID:681 ,Enter.” Typically, ransomware will encrypt or lock your computer and then force you to pay a fee in order to unlock your files. MUNI Spokesman Paul Rose said that the railway company was working to resolve the situation, but wouldn’t comment further.
Here’s an example of the “You Hacked” on one of MUNI’s computers
Reporters reached out to the hacker via email, who confirmed he wanted to make a deal with MUNI: “we don’t attention to interview and propagate news ! our software working completely automatically and we don’t have targeted attack to anywhere ! SFMTA network was Very Open and 2000 Server/PC infected by software ! so we are waiting for contact any responsible person in SFMTA but i think they don’t want deal ! so we close this email tomorrow!”
In September, Morphus Labs linked the same email address to a strain of ransomware known as “Mamba”, and this isn’t the first time an organization in California has encountered this kind of attack. Earlier this year, the Hollywood Presbyterian Medical Center had its files held at ransom for $3.6 million.
Since the attack, some of the metro system’s 6,000 employees have also reported that their email stopped working, though as of yet, it is unclear whether this has anything to do with the hack. For now, MUNI has locked their turnstiles in an open position, and the even has not had any effect on transit service.
source: San Fransisco Examiner