Image credit – Joe Fitzgerald Rodriguez/S.F. Examiner
You might have read recently that San Francisco’s Muni light rail transportation system was hacked over the Thanksgiving weekend, it was giving free rides to people. The San Francisco Muni hacker got a taste of his own medicine as he was hit by a revenge hack. The Muni hacker had demanded 100 bitcoins as ransom to remove this malicious code from the transportation system. His last message included an email address which was plastered across screens at Muni stations over the weekend. That email address played a vital role in the revenge hack.
Security reporter Brian Krebs reports that the person behind the revenge hack was able to get in the Muni hacker’s own email account. He took the email address that the hacker himself plastered all over Muni stations and then guessed the security question protecting the account.
He then proceeded to reset the password which effectively gave him total control of the account. He even gained access and locked down the secondary email account that was linked to this one.
The anonymous hacker who hit the Muni hacker discovered that this wasn’t his first ransom hack. He’s believed to have taken more than $140,000 in ransom from unsuspecting victims over the past three months alone.
This just goes to show that online security is no joke, and even people who hold entire transportation systems ransom are as vulnerable online as the rest of us.
Filed in . Read more about Hacking.