Attackers grab hold of PGA of America files, demand ransom

The golf association is said to have had little success with restoring access to its files so far

The golf association is said to have had little success with restoring access to its files so far

Attackers have breached the computer networks of the Professional Golfers’ Association (PGA) of America, locking its officials out of important files related to the PGA Championship that has just kicked off in St. Louis, Missouri, according to a report from Golfweek.

“Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorythm [sic],” reads the message that appeared on the computer screens of the association’s staff on Tuesday. The attackers also attempted to scare the victims into not even trying to break the encryption, asserting that this “may lead to the impossibility of recovery of certain files”.

“We exclusively have decryption software for your situation. No decryption software is available in the public,” they wrote.

Judging by the wording of the message, according to Bleeping Computer, the PGA may well have been hit with ransomware known as BitPaymer.

The scrambled files contained promotional materials used in digital and print communications for the PGA Championship, as well as for the Ryder Cup that will take place in France this September and in which the association is also involved. Also hijacked was development work on logos for future PGA Championships.

As is normally the case with ransomware campaigns, the message included a Bitcoin address where the attackers expect the payment to be made. Less expected is the fact that the extortion note contained no indication of the ransom amount in return for unlocking the files.

More details are “out of bounds”, as the association declined to comment on the situation, citing its ongoing nature. Golfweek did, however, quote an anonymous source as saying that the organization does not plan to meet the extortionists’ demands. The organization has also enlisted the help of outside experts to ensure that play at the tournament in St. Louis goes off without a hitch.

Major sporting events hold particular appeal to all manner of cyber-crooks, who seek to make money via blackmailing organizers, scamming fans, or by any other tactics. Recently, we devoted a special section to threats lurking around the FIFA World Cup that concluded in Russia last month, as well as to how to stay safe during similar events.

Sign up to receive an email update whenever a new article is published in our Ukraine Crisis – Digital Security Resource Center