[BreachExchange] And now professional golf is being ransomed for bitcoin

Destry Winant destry at riskbasedsecurity.com
Wed Aug 8 22:55:08 EDT 2018


https://mashable.com/2018/08/08/bitcoin-ransomware-pga-america-golf/#gIK8BNOKRmq5

Raise that single gloved-hand to your mouth in shock: The hackers have
gone after golf.

America's last bastion of proud visor-wearers is scrambling this week,
after unknown criminals took over the PGA of America’s servers on
Tuesday — locking the golf association out of its files just days
before the official Aug. 9 start of the PGA Championship in Missouri.
And you better believe those hackers want bitcoin.

That's right, the PGA was hit with ransomware.

So reports Golfweek, which notes that the now-encrypted files include
"extensive promotional banners and logos used in digital and print
communications," in addition to "development work on logos for future
PGA Championships."

And if the PGA wants to regain access to that data? A bitcoin address
was reportedly provided to facilitate a cryptocurrency payment, but,
strangely, Golfweek says no specific ransom amount was requested.

“Your network has been penetrated," read the ransom note according to
Golfweek. "All files on each host in the network have been encrypted
with a strong algorythm [sic].”

Mashable reached out to the PGA of America in an attempt to determine
if the organization has had any further contact with the hackers, as
well as if it had determined a bitcoin ransom price, but received no
response as of press time.

But you would be remiss to mistake the quiet calm so associated with
the golf course for a lack of determined resolve. Golfweek, which
communicated with an inside source who demanded anonymity, says that
the PGA has no intention of paying up. Instead, the organization is
reportedly bringing in outside experts to clean up the mess.

And, well, there might be a lot of mess to clean up. If done
correctly, ransomware renders encrypted files permanently inaccessible
without the necessary decryption key. Then again, it's not always done
correctly.

Regardless, the tournament is slated to continue on schedule. It would
seem that encryption doesn't affect golf balls. Sand traps, on the
other hand...


More information about the BreachExchange mailing list