Bitcoin Ransomware Scare Shuts Down Johannesburg Online Processes

Johannesburg, South Africa’s biggest city has been forced to temporarily shut down all its online operations including its website, e-services, and billing systems, as a precautionary measure against a bitcoin (BTC) ransomware attack allegedly orchestrated by a group called the “Shadow Kill Hackers,” reports News24 on October 25, 2019.

Bitcoin Thieves Target Joburg

In a bid to minimize the effect of a security breach on its systems, Johannesburg authorities have announced the temporary closure of most of its online city processes. Per sources close to the matter, Johannesburg authorities detected a security breach in its network which led to unauthorized access to its information systems.

The incident reportedly took place just hours after it had received a note from a hacking group named the “Shadow Kill Hacker,” demanding a ransom of 4BTC to be paid before October 28, 2019.

The note reads:

“All your servers and data have been hacked. We have dozens of back doors inside your city. We have control of everything in your city. We also compromised all passwords and sensitive data such as finance and personal population information.”

One Too Many

It’s worth noting that this is not the first time that the city of Johannesburg is getting hit by a ransomware attack. Earlier in July, hackers took over the systems of City Power, one of the city’s major electricity providers, leaving some areas without power for several days.

Reportedly, several financial institutions in South Africa, including Standard Bank, ABSA and a few others also faced some challenges with their online services recently, as a result of cyberattacks.

Though the City of Joburg has stated in a tweet that its cybersecurity experts are currently investigating the issue, to come up with the best solution, the city’s online services remain unavailable at press time.

As reported by BTCManager in June 2019, Florida’s Lake City was forced to pay a $500k bitcoin ransom demanded by hackers after all efforts made by its cybersecurity department to regain access to their encrypted files proved futile.

On October 8, 2019, reports emerged that the Spanish city of Jerez de la Frontera had been targeted by a ransomware attack.