The San Francisco MUNI hacker got hacked

Chris Smith

November 29, 2016 at 6:43 PM

While most people were busy recovering from Thanksgiving and getting ready for massive shopping sprees, a hacker on Friday shut down the San Francisco Municipal Transportation Agency (SFMTA) computer network, asking for $73,000 in Bitcoin to unscramble the data. In ironic turns of events, the hacker was hacked, as a security researcher guessed the answer to the attacker’s email security question.

DON’T MISS: There’s a fix for your iPhone 6s’ serious battery drain, but you might not like it

The researcher then sent the contents of the hacker’s email address to KrebsOnSecurity.

It turns out that the attacker made a poor choice when it comes to security questions for the email address he had to display on the SFMTA’s computer systems. That’s how ransomware attacks work. The hacker has to make an email address available so funds can be transferred to him or her via Bitcoin.

Looking at the available data, Krebs was able to discover several interesting things about the hacker of the Muni attack.

The attacker did not hit only the SFMTA with ransomware. On November 20th he extorted 63 Bitcoins, or around $45,000, from a US-based manufacturing firm. Krebs says that the criminal got at least $140,000 in Bitcoin since August from several victims, switching Bitcoin wallets regularly. However, the SFMTA refused to pay up, choosing to restore its systems from backups instead.

The email hack also sheds some light on how the attack on the SFMTA was possible. Apparently, the hacker did not actively devise methods to attack the public transportation system. Instead, he or she used a server to find vulnerable targets.

“It appears our attacker has been using a number of tools which enabled the scanning of large portions of the Internet and several specific targets for vulnerabilities,” Holden Security’s Alex Holden told Krebs. “The most common vulnerability used ‘weblogic unserialize exploit’ and especially targeted Oracle Corp. server products, including Primavera project portfolio management software.”

The email also contains elements that could help law enforcement discover the identity, or at least location, of the attacker. According to Krebs, the hacker might be based in Iran, although a phone number connecting the hacker to Russia has also been found — probably a red herring, Krebs said.

Read the Krebs’ full report at the source link.

Trending right now:

See the original version of this article on BGR.com

Yahoo Sports
Former NBA guard Darius Morris dies at 33
Former NBA guard Darius Morris has died at the age of 33. He played for five teams during his four NBA seasons. Morris played college basketball at Michigan.
Yahoo Finance
The FDIC change that leaves wealthy bank depositors with less protection
Affluent Americans may want to double-check how much of their bank deposits are protected by government-backed insurance. The rules governing trust accounts just changed.
Yahoo Sports
Phil Mickelson on the majors: 'What if none of the LIV players played?'
Phil Mickelson hints that big changes could be coming to LIV Golf's rosters, and the majors will need to pay attention.
Yahoo Sports
Bulls' Lonzo Ball picks up $21.4 million option for 2024-25 season amid knee concerns
Ball hasn't played since the 2021-22 season.
Yahoo Sports
No one was airing Angel Reese and Kamilla Cardoso's WNBA preseason debuts, so an X user livestreamed it
The quality was choppy, but it was better than what the WNBA had.
Yahoo Sports
New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal
It turns out the money was going from Ohtani's bank account to an illegal bookie to ... casinos.
Yahoo Sports
Kyle Larson beats Chris Buescher at Kansas in closest finish in NASCAR history
Larson won by 0.001 seconds.
Yahoo Sports
2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick
Yahoo Sports' Charles McDonald breaks down the Broncos' 2024 draft.
Yahoo Sports
NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?
Which teams did the best in the NFL Draft?
Yahoo Sports
The Scorecard: Andy Pages looks set to go down as one of the fantasy baseball waiver wire pickups of 2024
Fantasy baseball analyst Dalton Del Don delivers his latest batch of hot takes as we enter Week 6 of the season.
Yahoo Sports
Anthony Edwards' arrival should have the Nuggets — and the entire league — on high alert
The Timberwolves' rising superstar led Minnesota to a Game 1 victory over Denver, then reminded the world that he's 22, not 23 ... yet.
Yahoo Sports
Monday Leaderboard: Brooks Koepka is ready to slow the Scottie Scheffler train
A dominant LIV win and a heartbreaking PGA Tour loss headline this week's top golf stories
Yahoo Sports
Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race
Race organizers say they'll revoke a Trump fundraiser's suite license if he holds an event for the former president on Sunday at the race.
Autoblog
Why did Musk ax the Supercharger team?
Elon Musk’s decision to dismiss much of Tesla’s Supercharger team this week came as a shock. A look at possible reasons why he did it.
Yahoo Finance
CVS stock plunges after earnings numbers one analyst 'did not even believe'
CVS warns it could cede Medicare Advantage market share as reimbursement rates pressure the company.
Yahoo Sports
Kentucky Derby: Mystik Dan wins in three-horse photo finish, outruns favorite Fierceness in stunning upset
The 150th Kentucky Derby produced yet another magnificent two-minute spectacle.
Yahoo Sports
Lionel Messi smashes MLS and personal records with goal, 5 assists in a single half
Messi needed just 33 minutes to do things that no MLS player had ever done in a full game, and that Messi had never done in his career.
Yahoo Celebrity
Dwayne Johnson is difficult to work with, report claims. The star has 'mountains of public goodwill' to offset negativity, expert says.
Once named the “Most Likable Person in the World,” the actor is under fire in a new report, accused of showing up to work late on the film “Red One,” irritating the crew and causing the budget to balloon.
Yahoo Sports
UFC 301: Anthony Smith confronts career reality after reconciling with the man who knocked out his teeth
After 56 pro fights and losses in three of his last four, the UFC veteran knows what fans think about the state of his career – but he also knows they've been wrong before.
Yahoo Sports
Ex-Florida State QB and 1999 Fiesta Bowl starter Marcus Outzen dies at 46
The Seminoles lost 23-16 to Tennessee in the first-ever BCS title game.

News

Life

Entertainment

Finance

Sports

New on Yahoo

The San Francisco MUNI hacker got hacked

Recommended Stories

Former NBA guard Darius Morris dies at 33

The FDIC change that leaves wealthy bank depositors with less protection

Phil Mickelson on the majors: 'What if none of the LIV players played?'

Bulls' Lonzo Ball picks up $21.4 million option for 2024-25 season amid knee concerns

No one was airing Angel Reese and Kamilla Cardoso's WNBA preseason debuts, so an X user livestreamed it

New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal

Kyle Larson beats Chris Buescher at Kansas in closest finish in NASCAR history

2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick

NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?

The Scorecard: Andy Pages looks set to go down as one of the fantasy baseball waiver wire pickups of 2024

Anthony Edwards' arrival should have the Nuggets — and the entire league — on high alert

Monday Leaderboard: Brooks Koepka is ready to slow the Scottie Scheffler train

Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race

Why did Musk ax the Supercharger team?

CVS stock plunges after earnings numbers one analyst 'did not even believe'

Kentucky Derby: Mystik Dan wins in three-horse photo finish, outruns favorite Fierceness in stunning upset

Lionel Messi smashes MLS and personal records with goal, 5 assists in a single half

Dwayne Johnson is difficult to work with, report claims. The star has 'mountains of public goodwill' to offset negativity, expert says.

UFC 301: Anthony Smith confronts career reality after reconciling with the man who knocked out his teeth

Ex-Florida State QB and 1999 Fiesta Bowl starter Marcus Outzen dies at 46