Ticketfly Hack Saga Continues: Status of Bitcoin Ransom Remains Unknown
Nearly four days after being forced offline by a hacker demanding a ransom payment in bitcoin, the Ticketfly website is partially back in operation.
The event ticketing and management platform announced this on their official website on June 2, 2018.
Possibility Of Compromised Client Information
Starting on the night of May 30, 2018, the security incident began with unusual activity on the Ticketfly website including a “V” image from the Hollywood movie ‘V for Vendetta’ and a message saying “Ticketfly HacKeD By IsHaKdZ. Your Security Down im Not Sorry.”
While Ticketfly scrambled to ascertain the extent of the damage to their security infrastructure and contain it, someone claiming to be ‘IsHaKdZ,’ the purported hacker contacted the media claiming that he found a vulnerability in the Ticketfly website and was brushed off when he attempted to report it to them.
The hacker went on to demand 1 BTC “for protection” from Ticketfly, and when he did not receive it, he publicly exploited the existing vulnerability, potentially compromising sensitive personal information about thousands of Ticketfly customers and vendors, including names, email addresses, phone numbers and physical addresses.
Motherboard was able to confirm personal details of six users to be correct, implying that hacker managed to compromise the data of Ticketfly users.
Latest Developments in Ticketfly Case
Subsequent information released in a tweet by Ticketfly indicates that the breach is not yet over, as some Ticketfly services remain offline as the platform races to contain the embarrassing service outage.
It was earlier reported that the hacker threatened to release another database labeled ‘backstage,’ though as yet there is no indication as to what sort of data is contained therein.
The only available information came from a statement by a Ticketfly spokesperson who said:
“We’ve determined that Ticketfly.com has been the target of a cyber incident. Out of an abundance of caution, we have taken all Ticketfly systems temporarily offline as we continue to look into the issue. We realize the gravity of this decision, but the security of client and customer data is our top priority. We are working tirelessly, and in coordination with leading third-party forensic experts, to get our clients back up and running.”
Crypto Crimes on the Rise?
The incident is the latest in a growing pattern that sees bitcoin used as the currency of choice for hackers and blackmailers. In March 2018, Atlanta’s government computers were attacked by the notorious WannaCry ransomware virus, with hackers demanding $51,000 in bitcoin before they would end the attack.
The following month, on June 1, 2018, BTCManager reported Chinese authorities arrested 97 people and recovered $267 million associated with OneCoin pyramid scheme. In a separate case, hackers demanded $1 million in XRP after stealing bank’s customer data.
Earlier in January 2018, a hospital in Indiana, USA was hacked, with an unspecified ransom amount demanded in Bitcoin. Another ransom surfaced on May 25, this time a South African teen was kidnapped and the kidnappers demanded $120,000 in bitcoins.
The pseudonymous nature of cryptocurrencies makes them a hot target of hackers and criminals since cryptocurrencies are less likely to be detected than bank transfers or cash deals. Hackers who hacked Coincheck were able to launder over $500 million worth of NEM tokens on the deep web without anyone getting arrested.
These incidents are among a growing list of reasons for the increasing push by governments around the world to regulate bitcoin exchanges and mandate KYC frameworks for cryptocurrency trading platforms.