Hackers take over Johannesburg’s systems, demand ransom in BTC

The city of Johannesburg in South Africa is under attack from a group of hackers who are demanding ransom in BTC. The hacker group, which goes by the name Shadow Kill Hackers, took over the city’s systems on October 25, forcing officials to shut down the systems as a precautionary measure. According to reports from South African media, the hackers have demanded 4 BTC in ransom which at the current rates stands at $38,000.

The largest city in South Africa, Johannesburg was the target of another hack attack not so long ago. Back then, the hackers took over the city’s electricity grid, causing blackouts in thousands of homes. This time it’s different as the hackers have breached crucial city services and claim to be in possession of the residents’ personal information.

The hackers notified the city that they had accessed their systems via a message left as a log on screen, according to a report by ZDNet. Part of the message states, “All of your servers and data have been hacked. We have dozens of backdoors inside your city. We have control of everything in your city. We can shut off everything with a button. We also compromised all passwords and sensitive data such as finance and population information.”

Bonang @KaoT1C00 @MokoenaDee pic.twitter.com/1OtjAQeraI

— Pule_tjp🐦 (@pule_madumo) October 25, 2019

The note then demands 4 BTC before 17:00 South African time to an address that the hackers provided. If the city fails to pay, the hackers threatened to upload all the information they have on the internet.

The city denied that the hackers had demanded ransom, despite screenshots of the demand being seen by media outlets. The city spokesperson Nthatisi Modingoane stated that no formal demand for ransom had been made, while also reassuring the residents that their data is safe.

He stated, “The hacking happened at the user level, not at the application level, which is where the critical data sits. When we noticed the user level being impacted, we shut down the system as a precautionary measure to protect the critical information of customers.”

It’s not yet clear if the city will follow in the steps of some U.S. cities such as Riviera Beach in Florida which gave in to the hackers’ demands and paid the ransom. If the hackers have the data as they claim, the turmoil that would ensue if they published it on the internet would be huge.

It wasn’t just the city’s systems that were attacked by the hackers. South African banks were the targets of DDoS attacks perpetrated by a group of hackers who also demanded ransom. The hackers promised to unleash more attacks if they don’t receive the ransom. Shadow Kill Hackers however distanced itself from the DDoS attacks.