Hackers with poor spelling annoyed one of the world’s largest golf promoters this week by seizing some relatively benign files and demanding a bitcoin ransom for their return, Golfweek reports.
On Tuesday, staff at the Professional Golfer’s Association of America (PGA) tried to access computer files pertaining to two upcoming tournaments, but encountered this message instead:
“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm [sic].”
As it turned out, the hackers had only managed to capture banner, logo and other marketing files needed to promote this week’s PGA golf Championship at the Bellerive Country Club in St Louis and the upcoming Ryder Cup in France.
Though the hack failed to capture highly sensitive files, Golfweek reports that some of the promotional materials locked up had been under development for over a year,
The hackers also stated:
“We exclusively have decryption software for your situation…No decryption software is available in the public.”
…and claimed that any unauthorized attempts to decrypt the files, “…may lead to the impossibility of recovery of certain files.”
Golfweek says the hackers then included an encrypted email address and told PGA staff to send two scrambled that the hackers would decrypt as a sign of their “honest intentions.”
Demands for bitcoin ransoms in malware attacks are becoming increasingly popular because the digital coins can be more easily exchanged than cash ransoms.
And though the Bitcoin ledger can be scrutinized and more foolish hackers located, Bitcoin developer Giacomo Zucco says that successful Bitcoin forensic stings are usually very costly.
And though an official PGA spokesperson declined to comment, an anonymous source at the PGA told Golfweek that the organization has no plans to accommodate extortion,
Malware is often transmitted by email attachments, but also commonly travels on memory sticks, in downloads and in media files.
That the seized PGA files contained marketing graphics suggests that the computer system of a PGA marketer or designer may have been exposed to a virus.
Cyber security experts recommend using different passwords for every account and very long passwords comprised of four words randomly selected from a dictionary.
They also recommend never opening emails or attachments from unknown senders.
On yesterday’s episode of “The Bitcoin Brief,” a Bitcoin talk show on YouTube, developer Jimmy Song warned:
“If you are a big corporation and you have some server with critical information then you better up your security game. Otherwise you are going to get hacked. I see this as a good thing long term because…you’re going to force IT departments to reduc(e) attack surfaces…and just hav(e) better security practices overall because now there’s a monetization path for those people that can hack.”