PGA Championship Website Servers Hacked, Bitcoin Ransomware Demands
Who would have thought that major professional golf tournaments would be a target for hackers? It seems that hacking is a threat to anyone who is online. Acting as if they have almost nothing to lose, hackers have set their sights on a new target: the PGA Championship website servers.
Yes, that's right, in the latest Bitcoin extortion attempt to hit the headlines and swing for the green, just hours ago hackers hijacked the PGA of America’s computer servers. As it is being reported now, the “BitPaymer ransomware” is the culprit, locking officials out of crucial files related to this week’s PGA Championship at Bellerive Country Club and the upcoming Ryder Cup in France.
Employees realized that their system was compromised when attempts to work on the files generated an ominous message:
“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorithm [sic].” Any attempt to break the encryption could cause the loss of all of the work, the hackers warned. “This may lead to the impossibility of recovery of certain files,” the message threatened.
Notably, the files contained creative materials for the PGA Championship at Bellerive and next month’s Ryder Cup in France. That includes extensive promotional banners and logos used in digital and print communications, and on digital signage around the grounds at Bellerive. The stolen files also include development work on logos for future PGA Championships. Some of the work began more than a year ago and cannot be easily replicated.
Here is the full message we retrieved from the GolfWeek website:
BitPaymer has been around for a while, but typically keeps a low profile. There has been some moderate BitPaymer activity over the last few weeks, though, as shown by the ID Ransomware chart below.
BitPaymer tends to target organizations by hacking into Remote Desktop Services connected to the Internet, just like another ransomware, SamSam. Once inside a network, the attackers traverse it and encrypt every computer they can get access to.
Recent variants have been appending the .locked extension to encrypted files and dropping ransom notes with the same name as the encrypted file but with “.readme_txt” appended. For example, an encrypted file called test.jpg would also have a ransom note named test.jpg.readme_txt.
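A triage sketch for the naming pattern described above, added here as an example and not taken from the article or from any vendor tool: it walks a directory tree, pairs each “.readme_txt” note with the file it sits beside, and counts hits per directory to help scope which shares were touched. The function names and sample file names are constructed, and accepting either name.locked or the bare name as the note's partner is an assumption.

```python
import os
import tempfile
from collections import Counter

NOTE_SUFFIX = ".readme_txt"   # ransom-note suffix described in the article
ENC_SUFFIX = ".locked"        # encrypted-file extension described in the article


def scan_tree(root):
    """Return (pairs, orphans, per_dir) for this naming pattern under root."""
    pairs, orphans, per_dir = [], [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        names = {f.lower(): f for f in files}   # compare names case-insensitively
        matched = set()
        for low, real in names.items():
            if not low.endswith(NOTE_SUFFIX):
                continue
            base = low[: -len(NOTE_SUFFIX)]
            # Assumption: the note's partner is test.jpg.locked or test.jpg.
            partner = names.get(base + ENC_SUFFIX) or names.get(base)
            if partner:
                pairs.append((os.path.join(dirpath, real),
                              os.path.join(dirpath, partner)))
                matched.add(partner.lower())
                per_dir[dirpath] += 1            # paired hits per directory
            else:
                orphans.append(os.path.join(dirpath, real))   # note, no file
        # .locked files with no note beside them are reported separately.
        orphans += [os.path.join(dirpath, real) for low, real in names.items()
                    if low.endswith(ENC_SUFFIX) and low not in matched]
    return sorted(pairs), sorted(orphans), per_dir


def demo():
    """Scan a constructed directory tree (sample names are made up)."""
    with tempfile.TemporaryDirectory() as root:
        share = os.path.join(root, "share")
        os.makedirs(share)
        for name in ("test.jpg.locked", "test.jpg.readme_txt",  # paired
                     "logo.psd.LOCKED",                          # no note
                     "notes.txt"):                               # untouched
            open(os.path.join(share, name), "w").close()
        pairs, orphans, per_dir = scan_tree(root)
        return ([tuple(os.path.basename(p) for p in pr) for pr in pairs],
                [os.path.basename(o) for o in orphans], sum(per_dir.values()))


if __name__ == "__main__":
    print(demo())
```

A “.locked” extension on its own is used by other software too, which is why unpaired files are returned separately from note-and-file pairs.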
BitPaymer is known to charge very large ransom amounts to decrypt computers. For example, one BitPaymer infection in the past asked for 53 bitcoins (close to $350,000 USD) to decrypt an entire network.
As of 8th August, officials had still not regained complete control of their servers. It’s not believed that the hacking has yet impacted the PGA Championship and outside IT experts have been engaged to ensure the tournament is unaffected.
What do you guys think – it looks like we might have to update our list of biggest crypto hacks after a story like this unfolds. It seems like no entities are off-limits these days, from corporate America to hospitals to governing bodies – all are subject to attack in the new wave of virtual currency hacks and ransom demands. For all of you bitcoiners (vs PGA fans) or both (adoption is right around the corner), make sure you check out the top 6 ways cryptocurrency-related hackers are trying to get a piece of your pie and how to go about protecting your funds.