Ticketfly Hackers Still At-Large
Four days ago, a single hacker took over the Ticketfly website, demanding a significant ransom and forcing those running the site to shut it down indefinitely until the hacking situation is remedied, one way or another. The developers in charge of the massive event ticketing and management site placed a notice on their website, informing its visitors that the site had been taken down and that they should check out their favorite artists’ websites for relevant ticketing information.
This announcement went out on June 2nd, 2018. It has now been almost four days since the initial announcement, and speculation is rampant across the community. This strike is the latest in a continuing series of cyberattacks orchestrated by hackers looking to score a ransom in anonymous cryptocurrencies such as Bitcoin.
The outcome of this situation will send ripples across the cryptocurrency community. It is unlikely that the site will end up paying the ransom demanded by the hacker. Doing so would help to incentivize hacking attempts such as this one, and could motivate similar attacks in the future. However, it is thus far unclear to what extent the hackers gained control of the site initially, and what kind of leverage they have on the company as a whole moving forward.
The Initial Hack
Users on the site would have noticed something was amiss on May 30th of this year, when the site was taken down, displaying a simple image of the “V for Vendetta” protagonist, along with a message from what is presumed to be the hacker himself. It reads, “Ticketfly HacKeD By IsHakdZ.” On the bottom half of the image, the hacker wrote, “Your Security Down im Not Sorry,” along with a link to a hacker website.
The hacker attempted to extort the site for one Bitcoin, citing “protection” as the reason. The leaders of the company refused and, in response, the criminal reportedly leaked the personal information of thousands of participants in the website, including both vendors and customers whose information had been stored securely on the Ticketfly database.
Several sources have confirmed the personal details of some of the victims, making it clear that the hacker has indeed gained access to and published sensitive details of some users on the site. The information leaked includes names, numbers, addresses, and email addresses, among other things.
Ticketfly recently tweeted about the incident, unfortunately informing the community that the breach has continued, and that the information of some customers may still be in danger of being exposed. Most services on the Ticketfly website remain offline, as the public relations department works overtime to deal with an outraged community.
Additionally, the hacker has apparently promised to release a database entitled “backstage,” although no actual leak seems to have happened thus far.
— Ticketfly (@ticketfly) June 2, 2018
A Growing Trend Of Cryptocurrency Crimes
This recent crime is only the tip of the iceberg for crypto crimes in 2018. The city of Atlanta was attacked in March of this year, with its attackers demanding Bitcoin to the amount of $51,000 USD in order to stop the attack and return functionality to the government computers.
An Indiana Hospital in the United States was also attacked, with an undisclosed ransom demanded, again using Bitcoin to carry out the transaction.
It isn’t just in the United States, either. Authorities in China recently arrested nearly 100 people in connection with the OneCoin MLM scam. Additionally, Chinese hackers attempted to extort over $1 million in XRP following their theft of thousands of peoples’ personal data after a bank hack.
As companies work overtime to strengthen their security against crypto-motivated hackers, the crime in this sector is one reason why governments such as the United States are becoming increasingly interested in a valid regulatory framework for cryptocurrencies in their own countries.