Ransomware gang 49ers say they have hijacked a football team.

RICHMOND, Va. (AP) – The San Francisco 49ers have been hit by a ransomware attack, with cybercriminals claiming to have stolen some football team financial information.

Redemption team BlackBite posted the recently stolen group documents on a dark website in a file labeled “2020 Receipts”. The group did not disclose any ransom request or say how much information it had stolen or encrypted.

The team, one of the most expensive and well-known franchises in the NFL, which lost the playoffs two weeks ago, said in a statement on Sunday that it had recently identified some of the IT network’s “network security problems.” Network Systems has notified law enforcement agencies and hired cyber security agencies.

“To date, we have no indication that this event will involve systems outside of our organizational network, such as Levi Stadium operations or ticket holders,” the club said in a statement.

The attack comes two days after the FBI and the US Secret Service announced in November that they had “infringed on a number of US and foreign businesses, including those in at least three major US infrastructure sectors.”

Ransomware hackers targeting the world’s largest meat packaging company, the United States’ largest oil pipeline, and other targets last year wreaked havoc. Western governments have pledged to crack down on cybercriminals, mostly operating in and around Russia, but few have shown their efforts.

Last month’s victims of ransom paid include oil depot operators in Belgium and Germany, as well as media outlets in Portugal. Last week’s cyber attack on Vodafone, a wireless service provider in Portugal, had all the signs of redemption, although the Portuguese CEO said he had not received any redemption requests.

BlackBite is a redemption-as-a-service group. This means decentralizing, independent operators developing malware, breaking companies or fulfilling other roles. It is part of a growing trend for Renaissance teams to become professional. According to recent reports from the FBI, NSA and others, Renaissance operators are developing an arbitration system to settle disputes.

According to Brett Clow, an analyst at the Microsoft cybersecurity firm, BlackByte Malware, like many other versions of the ransomware, is hard code to encrypt Russian or some Russian partners’ languages.

But that does not mean that anyone behind the 49ers attack is in Russia or one of its neighbors.

“Anyone can use malware to launch attacks,” he said.