An nameless safety researcher reportedly breached the attacker’s e-mail account.
The hacker claiming accountability for ultimate week’s ransomware assault at the San Francisco Municipal Transportation Company has been hacked.
In keeping with safety researcher Brian Krebs, the prison—anyone calling themselves “Andy Saolis”—used to be the objective of a breach that exposed information about different hacks allegedly performed via Saolis.
The Friday best intended loose rides for all that evening and into Saturday, as cost kiosks have been inaccessible.
Saolis later claimed accountability and fielded questions from the media by means of e-mail. On Monday, a safety analyst accessed that e-mail account via guessing the solution to Saolis’ secret query and resetting the password, the researcher, who selected to stay nameless, advised Krebs.
In keeping with messages acquired from the inbox and printed via Krebs, Saolis on Friday contacted SFMTA infrastructure supervisor Sean Cunningham and demanded 100 bitcoin ($73,000) in alternate for re-entry into SFMTA’s encrypted servers.
“The SFMTA hasn’t ever regarded as paying the ransom,” an company spokesman advised PCMag. “We’ve got a knowledge generation staff in position that may repair our techniques and that’s what they’re doing.”
Saolis, on the other hand, has effectively extorted a minimum of $140,000 from sufferers since August, Krebs experiences.
Remaining week’s SFMTA outage—which disrupted about 900 administrative center computer systems—used to be no longer a focused strike; as an alternative, apparently the an infection unfold thru a SFTMA worker with “admin stage” get admission to, whose PC used to be used to obtain a tool keycode generator sporting the malicious code.
“It is Display to You and Evidence of Idea , Corporate do not pay Consideration to Your Protection !” Saolis wrote in a message to PCMag on Monday, apologizing for his or her damaged English. “If some Hacker Attempt to best Your Transportation Infrastructure Goal-Based totally , it is Have Extra Affect!”
Saolis didn’t straight away reply to every other request for remark.
In spite of worker issues about lacking a paycheck, the San Francisco MUNI showed that there shall be no affect to payroll products and services. In the meantime, buyer cost techniques weren’t hacked, and no knowledge used to be accessed all through the breach.