NASCAR team falls victim to ransomware, pays ransom

Most US businesses would perhaps not pay in the event of a ransomware attack, but Circle-Sport Leavine Family Racing (CSLFR), a professional NASCAR car racing team, is not one of these.

NASCAR team victim ransomware

The team fell victim to ransomware in April this year, paid to get the decryption key, and successfully decrypted its encrypted files.

“Three company computers, all of which held Winston’s data, were recently infected by TeslaCrypt ransomware and the perpetrators demanded that the CSLFR team pay a ransom within 48 hours or their data would be gone forever,” AV outfit Malwarebytes explained.

“The data contained anything and everything that the CSLFR team had to ensure that their racing vehicles perform at their highest level, including set ups worth over $1.5 million, car part lists, and custom high-profile simulation packages valued at $2 million. To recreate this data, it would have taken the team nearly 1,500 man-hours.”

Dave Winston, the crew’s chief, said that aside from being crucial to the team’s future success, the encrypted files and data they held were the result of years worth of work and millions of dollars invested. It’s no wonder they opted for paying up.

According to ESPN, the price for recovering the files was $500 in bitcoin, and they managed to effect the payment in less than 24 hours by buying the currency from a nearby bitcoin ATM.

After decrypting the files, the team realized that their protections were lacking, and that they needed help in cleaning up all the computers. So they called in Malwarebytes, which ultimately became a sponsor of the team, and their logo is blazoned across the team’s cars.

“Like most companies, we felt we had solid security in place on our digital intelligence with our software and firewalls, but this is a very new threat,” said Jeremy Lange, VP at CSLFR.

“It’s an area of coverage that you don’t realize you need until it happens to you. We’re lucky that it all worked out and now having this partnership with Malwarebytes, we hope to inform NASCAR fans and the industry of this threat and the solution.”