San Francisco 49ers confirms it fell victim to BlackByte ransomware on Super Bowl Sunday

Cal Jeffrey

Posts: 3,491   +1,040
Staff member
Editor's take: This year's Super Bowl was not very exciting. The game was low-scoring, and the halftime show was lackluster. The only interesting thing that happened on Super Bowl Sunday is the San Francisco 49ers, who wasn't even in the game, confirmed it got hacked.

Over the weekend, the BlackByte ransomware group's dark web blog touted that it had hacked servers belonging to the San Francisco 49ers and encrypted them. It wants $530 million for the key. The post contains a file called "2020 Invoices" to prove it has company data. Ars Technica notes that the cache holds hundreds of billing statements to entities including AT&T, Pepsi, and the city of Santa Clara.

A representative for the team confirmed on Sunday that BlackByte attacked it the day before, but it appears that only the corporate offices were involved. Records at Levi's Stadium, San Francisco's home field, are safe, and ticket holders have nothing to fear.

"While the investigation is ongoing, we believe the incident is limited to our corporate IT network," said the spokesperson. "To date, we have no indication that this incident involves systems outside of our corporate network, such as those connected to Levi's Stadium operations or ticket holders."

The ransomware attack came only a day after the FBI and the US Secret Service issued a warning that the BlackByte hacking group has compromised no fewer than three critical infrastructure sectors in the United States. The report published on Friday says that as of November 2021, BlackByte had infected multiple "government facilities, financial, and food & agriculture" systems with ransomware.

"The BlackByte executable leaves a ransom note in all directories where encryption occurs. The ransom note includes the .onion site that contains instructions for paying the ransom and receiving a decryption key," the notice says. "Some victims reported the actors used a known Microsoft Exchange Server vulnerability as a means of gaining access to their networks. Once in, actors deploy tools to move laterally across the network and escalate privileges before exfiltrating and encrypting files."

The joint task force warning includes technical details and mitigation procedures for IT personnel to protect their companies against BlackByte attacks.

Permalink to story.

 

Hexic

Posts: 1,212   +1,886
TechSpot Elite
"Editor's take: This year's Super Bowl was not very exciting. The game was low-scoring, and the halftime show was lackluster. The only interesting thing that happened on Super Bowl Sunday is the San Francisco 49ers, who wasn't even in the game, confirmed it got hacked."

...did you actually watch the Super Bowl?!

It was the farthest thing from boring, and 23-20 is most definitely not low scoring. The score passed back and forth with huge interceptions, as well as a very late game turnover leading to a last second win. If that's boring, I question what an entertaining football game is for ya.

And the halftime show was quite literally the best halftime show in many years - particularly if you aren't 20 and wondering who's up there, and why it's not the Jonas Brothers or Coldplay.

Opinions are one thing, but dang son.

On topic: That sucks. NFL will definitely bounce back with all the money they are throwing around.
 

texasrattler

Posts: 1,288   +614
I did watch the Super Bowl and will say it wasn't great. Once again Refs not doing their job or not consistently doing their jobs. Missing blatant penalties and then throwing a flag on a garbage call at the end of the freaking game. Sad times when the best games were weeks before the SB.
Let's all be honest, people wanted to the Chiefs instead they got the Bengals. Which are a good team but no where near as entertaining as the Chiefs.
 

texasrattler

Posts: 1,288   +614
I did like the Haltime show. Brought back great times n music from the late '90s. Overall was good. Didn't like, get or even know why Kendrick Lamar was there. Had no reason being there.
 

Cal Jeffrey

Posts: 3,491   +1,040
Staff member
To each his own. Not a big Jonas Brothers fan but Coldplay was cool. I don't know. Maybe I just wasn't into it this year. It just didn't thrill me. And yeah, I think I would have been more into watching a Chiefs/Rams matchup.

And also on topic: I don't think the NFL or the 49ers will be hurt by this. It doesn't really even sound like they got much in the way of a breach. What? Some billing statements for 49ers partnered corporations? Unless there is more we are not privy to, I can't even see the 49ers, worrying about it.
 

texasrattler

Posts: 1,288   +614
Real story is why MS keeps having security holes. Nothing is 100% but to have issues like this keep happening and MS name keep coming up is embarrassing for any company.