Riverdale School District Refused To Pay Bitcoin Ransomware Fee

The threat of Bitcoin ransomware is never far away, and the Riverdale school district’s computer system learned that the hard way. Based on a report by North Jersey, the computer system fell victim to a ransomware attack, not that long ago. It is worth noting the district did not pay the ransom of two Bitcoin, as most of the data were recovered by reverting to previously made backups.

Also read: Canadian Bitcoin Exchange Cointrader Is No More

Another Bitcoin Ransomware Attack


It is not the first, nor the last time; an institution will come face to face with a Bitcoin ransomware attack. Especially larger institutions, such as schools and hospitals, are dealing with outdated computer systems. Moreover, their staff is usually unsure as to what they should be doing when this type of attack occurs.

Trouble started brewing for the Riverdale school district a few weeks ago when staffers were having trouble accessing the email system remotely. This issue was reported to Passaic County Education Services, as they handle all of the IT infrastructure involved. When their team accessed the system through a remote connection, the server did not respond to any commands.

After a visit in person, PCES discovered a Bitcoin ransomware message on various computers, which demand a ransom of two BTC to be paid. Despite facing this severe threat, the school district decided not to pay the ransom – which is the proper course of action in any case – and revert to data stored in their most recent system backup.

What is even more interesting is how the infection was – apparently – contained to just the public server hosting the website, which is also hosted at the school premises. All in all, it was relatively easy to resolve this matter without too many issues. Five days after the first tissues were reported, everything went back to normal, and no critical files were lost in the process.

Based on the information we have received, it appears a new type of Bitcoin ransomware was responsible for this infection. DMA Locker 3.0, as this strain of ransomware, has been dubbed by Malwarebytes, managed to bypass the antivirus solution installed on the school computers. The primary focus for the district is to come up with a solution for the school system’s security, and all of the servers might be moved to an offsite location later on.

Source: North Jersey

Images credit 1,2

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.