Ransomware creep accidentally hijacks San Francisco Muni, won't give it back

A ransomware criminal's self-reproducing malicious software spread through a critical network used by the San Francisco light rail system, AKA the Muni, and shut it down; the anonymous criminal -- cryptom27@yandex.com -- says they won't give it back until they get paid.

cryptom27@yandex.com has been linked to other attacks. In a statement in broken, seemingly machine-translated English, cryptom27@yandex.com wrote, "we don't attention to interview and propagate news ! our software working completely automatically and we don't have targeted attack to anywhere ! SFMTA network was Very Open and 2000 Server/PC infected by software ! so we are waiting for contact any responsible person in SFMTA but i think they don't want deal ! so we close this email tomorrow!"

Muni says they're working to resolve the situation. In the meantime, Muni is not able to collect fares from riders, and is allowing all to ride for free.

Free rides for Muni customers after apparent computer hack
[Rachel Swan and Kimberly Veklerov/SFGate]

Hackers are holding San Francisco’s light-rail system for ransom
[Andrew Liptak/The Verge]