Luas Hacked

begbysback · 03-01-2019 09:13AM #1

So the Luas website has been hacked - message can be seen when you search Luas

Thing is they’ve asked for 1 bitcoin, apparently the hackers were trying to help but were ignored, they didn’t like this so took the site down.

1 measley bitcoin, personally I would ask for 1 million dollars, a helicopter to escape, and demand that busses show up on time.

What would you ask for?

Old Perry · 03-01-2019 09:17AM

Caviar in the 1st carraige.

s3rtvdbwfj81ch · 03-01-2019 09:18AM

mickoneill31 · 03-01-2019 09:20AM

begbysback wrote: »

So the Luas website has been hacked - message can be seen when you search Luas

Thing is they’ve asked for 1 bitcoin, apparently the hackers were trying to help but were ignored, they didn’t like this so took the site down.

1 measley bitcoin, personally I would ask for 1 million dollars, a helicopter to escape, and demand that busses show up on time.

What would you ask for?

It depends. Did the hackers really get confidential information or did they just manage to deface the site? They might be bluffing so asking for a large fee just means their bluff would be called. Asking for a small fee means that a company will probably just pay it rather than take the chance.

Or they might not be bluffing.

EdgeCase · 03-01-2019 09:22AM

1 bitcoin is €3385. That’s not a pittance and if you pay out you’ve no guarantee that your data will be recovered or they they won’t just come back for more.

I don’t think the Luas site does anything interactive anyway so it will probably made more secure and the content restored from backups.

KevinCavan · 03-01-2019 09:23AM

They have no money for Bitcoin after the court case with the Luas surfer.

vectorvictor · 03-01-2019 09:25AM

Suppose the main concern here is that the website processes payments for fixed penalty notices.

That one person who's ever paid it must be quaking.

Aside from that what is there to release? A bunch of complaints from the web form?

Franz Von Peppercorn · 03-01-2019 09:27AM

There’s some intermediate secure server up there now.

If the guy emailed them then shouldn’t be too hard to find them.

RobbingBandit · 03-01-2019 09:27AM

Stick a 1 and 2 zeros in front of that 1 bitcoin and we have a deal, LUAS ain't got no security now, let's all jump on board.

EdgeCase · 03-01-2019 09:33AM

Looked at the Wayback Machine archive snapshot of the site and it does have quite a bit of data gathering going on but that doesn't mean any of the databases were accessed.

It has a facility for paying standard fare notices (fines) as well as accessing tax saver and also a log in for subscribing to updates.

These scans can just be spoofing after defacing the site, hoping that some companies pay out.

myshirt · 03-01-2019 09:33AM

I'd demand every driver to take a 30% paycut. I'd love to say 50% out of emotion given the neck of these people, but mature me knows a reasonable person with financial sense couldn't argue the overpayment in salary is beyond c. 30%.

Still quite a large overpayment in salary nevertheless.

fxotoole · 03-01-2019 09:34AM

begbysback wrote: »

So the Luas website has been hacked - message can be seen when you search Luas

Thing is they’ve asked for 1 bitcoin, apparently the hackers were trying to help but were ignored, they didn’t like this so took the site down.

1 measley bitcoin, personally I would ask for 1 million dollars, a helicopter to escape, and demand that busses show up on time.

What would you ask for?

Pfffft. Feck that. I’d rather hack the Leap card and get free travel for life

mightyreds · 03-01-2019 09:36AM

Hope his first email to them wasn't from is personal/work address

vectorvictor · 03-01-2019 09:44AM

mightyreds wrote: »

Hope his first email to them wasn't from is personal/work address

Probably an @luas.ie one judging by how hard done by they all seem to feel in there

Franz Von Peppercorn · 03-01-2019 09:46AM

myshirt wrote: »

I'd demand every driver to take a 30% paycut. I'd love to say 50% out of emotion given the neck of these people, but mature me knows a reasonable person with financial sense couldn't argue the overpayment in salary is beyond c. 30%.

Still quite a large overpayment in salary nevertheless.

Mother ireland is rearing them yet. No idea what they are earning but it’s agreed between a private company and it’s workers.

VinLieger · 03-01-2019 09:54AM

What was the website used for that security becomes an issue? All i was aware it had on it was timetables, announcements and info on how to use the luas etc

s3rtvdbwfj81ch · 03-01-2019 09:55AM

fine payments

vectorvictor · 03-01-2019 10:00AM

Wonder if the trams are better protected

Bit of a drought going on so kind of fancy an opportunity to morph into Keanu Reeves and come to a screeching halt in a tender embrace... at Fatima

begbysback · 03-01-2019 10:13AM

EdgeCase wrote: »

1 bitcoin is €3385. That’s not a pittance and if you pay out you’ve no guarantee that your data will be recovered or they they won’t just come back for more.

I don’t think the Luas site does anything interactive anyway so it will probably made more secure and the content restored from backups.

1 bitcoin is 3385 today, Luas have 5 days to pay, I say hold out for as long as possible, bitcoin could drop to 14c by then

MarkR · 03-01-2019 10:17AM

I wonder what their disaster recovery procedure is. Or if they have one.

Never mind, seems to be back up. Looks like they were able to scrub the live site and restore from a backup.

seamus · 03-01-2019 10:27AM

1 BTC isn't very much, I wonder is it a 14 year old looking to get a few grand, or someone misguided but well-meaning trying to "get serious" about the security flaws.

Either way, he has exposed himself to a couple of crimes which aren't worth the risk for 4 grand.

I wouldn't have asked for money at all, I simply would have given the media some anonymised data which proves the breach and information to the Luas operators on how to fix it.

orourkeda1977 · 03-01-2019 10:54AM

begbysback wrote: »

So the Luas website has been hacked - message can be seen when you search Luas

Thing is they’ve asked for 1 bitcoin, apparently the hackers were trying to help but were ignored, they didn’t like this so took the site down.

1 measley bitcoin, personally I would ask for 1 million dollars, a helicopter to escape, and demand that busses show up on time.

What would you ask for?

Perhaps you might want to think about hacking dublin bus' website.

begbysback · 03-01-2019 11:38AM

orourkeda1977 wrote: »

Perhaps you might want to think about hacking dublin bus' website.

That was a decoy, while the law are checking all the buses for a suspect I’ll be in the helicopter and driving my new car.

razorblunt · 03-01-2019 11:49AM

I was expecting a carriage to running loose down Stephen's Green. This story is a let down.

oLoonatic · 03-01-2019 11:53AM

Have we not got to a stage now where people understand that cyber security is massively important!

Hoboo · 03-01-2019 11:58AM

It's only 3000 odd, but do that to 5000 sites.

03-01-2019 12:10PM

vectorvictor wrote: »

Wonder if the trams are better protected

Running Windows XP!

Badly Drunk Boy · 03-01-2019 12:58PM

begbysback wrote: »

That was a decoy, while the law are checking all the buses for a suspect I’ll be in the helicopter and driving my new car.

The helicopter sounds like a good idea initially, but it's only a matter of time before the rotors get tangled in the Luas tracks. I've said it before and I'll say it again: Luas helicopters are a bad idea.

Rawr · 03-01-2019 01:05PM

From the title I thought that someone had hacked into an actual Luas, and was now driving it around Dublin like a little cyber-hooligan.

...I'm a little disappointed....

s4uv3 · 03-01-2019 01:25PM

I'm still sickened that I didn't buy any cheap bitcoins :rolleyes:

04-01-2019 06:25PM

MarkR wrote: »

I wonder what their disaster recovery procedure is. Or if they have one.

Never mind, seems to be back up. Looks like they were able to scrub the live site and restore from a backup.

Restoring from a backup would put the original vulnerability back onto the website.

Luas Hacked

Comments