Hacker que atacou sistema de tranportes de São Francisco foi “hackado”

O hacker do “Muni” de São Francisco já amealhou, pelo menos, 140 mil dólares.

No passado dia 25, o sistema de transportes de São Francisco (aka Muni) foi atingido por um ataque de ransomware que colocou os terminais de venda de bilhetes offline, obrigando a rede de transportes a oferecer viagens de borla aos passageiros.

O malware exigia o pagamento de 100 bitcoins (cerca de 70 mil euros) para desbloquear o acesso ao sistema.

Agora, o repórter Brian Krebs anunciou que um investigador de segurança informática anónimo conseguiu ganhar acesso à conta de email utilizada pelo hacker. Bastou-lhe adivinhar as perguntas de segurança do servidor de email. O investigador revelou algumas informações que obteve através dos emails, incluindo a revelação de que este já terá conseguido amealhar pelo menos 140 mil dólares através deste tipo de chantagem digital:

The attacker appears to be in the habit of switching Bitcoin wallets randomly every few days or weeks. “For security reasons” he explained to some victims who took several days to decide whether to pay the ransom they’d been demanded. A review of more than a dozen Bitcoin wallets this criminal has used since August indicates that he has successfully extorted at least $140,000 in Bitcoin from victim organizations.

That is almost certainly a conservative estimate of his overall earnings these past few months: My source said he was unable to hack another Yandex inbox used by this attacker between August and October 2016, “w889901665@yandex.com,” and that this email address is tied to many search results for tech help forum postings from people victimized by a strain of ransomware known as Mamba and HDD Cryptor.

San Francisco Rail System Hacker Hacked [Brian Krebs]