Egregor ransomware attack disrupted public transport in Vancouver

Egregor attack on transport in Vancouver
Written by Emma Davis

ZDNet reports that the Egregor ransomware attack disrupted the work of TransLick, a public transport operator in Vancouver, Canada.

The incident occurred this week, December 1, 2020, and as a result, Vancouver residents were unable to use Compass transit cards or pay for new tickets through Compass ticket kiosks for several days.

TransLink initially said the incident was a lingering technical problem, but now reporters from the local news agency CITY NEWS 1130 have learned about the true nature of the incident.

Working with my colleague @pjimmyradio, we can confirm for @NEWS1130 that @TransLink has been hacked. Our information comes from multiple sources within the transit authority, who have shared the ransom letter with us.wrote journalist Martin MacMahon on Twitter.

What forced the management of TransLink to disclose the real reasons for the incident.

We can now confirm that TransLink has been the target of a ransomware attack targeting our IT infrastructure.said TransLink chief executive Kevin Desmond in a post released after CITY NEWS 1130 was exposed.

While Desmond did not say which hackers’ group was responsible for this attack, he did confirm that the attackers sent ransom messages to print on all of the company’s available printers.

A copy of this ransom note has already been published by another local journalist.

Egregor attack on transport in Vancouver

Sources tell me, at this point, @TransLink does NOT intend to pay. But a cyber security expert we spoke to says this is a sophisticated new type of ransomware attack… and many victims do pay.Jordan Armstrong wrote on Twitter.

Judging by this message from hackers and the behaviour of the malware, the TransLink systems were attacked by one of the versions of the ransomware Egregor, which is known for printing its requirements on any available device.

TransLink officials say they have already reinstated Compass kiosks so customers can use Tap to Pay features for passing through tariff points. The company also emphasized that the incident did not affect the operation of a single city transport route.

Let me remind you that the operators of the ransomware Egregor recently attacked Barnes & Noble, the largest bookstore chain in the United States, as well as Ubisoft and Crytek, major computer game developers.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply