Real cases

Data since 2012

Real cases of hacked carsDate
Six luxury vehicles are stolen by keyless entry.Oct 2020Read More
Headline Six luxury vehicles are stolen by keyless entry.
Year 2020
Month Octubre
Country United States
Description 

Crackers managed to steal six luxury cars from the Twin Auto sales lot in the Detroit area overnight on Friday 23 October. The thefts from the vehicles, valued at $50,000 each, were carried out using a remote computer that opened the cars’ doors by bypassing the keyless entry system. Police believe the laptop generated a second key that allowed the criminals to start the cars and subsequently drive them off the lot without raising suspicion. Police are still searching for the suspects in the phantom incident.

Intentionality Cracker
Target Vehículo
Company FCA Group
Model Dodge Durango SRT (2020), Dodge Charger Scat pack (2020), Dodge Challenger RT (2018), Jeep Grand Cherokee SRT (2017),Dodge Challenger HellCat (2015) y Jeep Grand Cherokee SRT (2014).
Type of company 
Data / Life Otros
Access Remoto
System Keyless
Recognized by brand No
Source https://www.fox2detroit.com/news/thieves-use-computers-to-hack-steal-six-luxury-cars-at-redford-dealer
The data of 27 million drivers are exposedNov 2020Read More
Headline The data of 27 million drivers are exposed
Year 2020
Month Noviembre
Country United States
Description 

Vertafore -a US software provider whose activity is centered on insurance companies- announced that it had suffered a security breach in its databases, through which an unknown attacker was able to access the information of 27.7 million registered drivers In the state of Texas, in the US The compromised files included names, dates of birth, addresses, license numbers and registration histories of the insured vehicles.

Intentionality Cracker
Target Empresa
Company Vertafore
Type of company Service provider
Data / Life Datos
Access Aplicación
Recognized by brand 
Source https://www.govtech.com/security/27-7M-Texas-Drivers-Affected-by-Third-Party-Data-Breach.html
Access to the CAN-BUS of a Kia through the multimedia systemNov 2020Read More
Headline Access to the CAN-BUS of a Kia through the multimedia system
Year 2020
Month Noviembre
Country Italy
Description 

A couple of Italian researchers discover, when analyzing the software of the multimedia system of a Kia Ceed, a vulnerability that allows them to execute malware – a malicious program – inside the system and, in addition, send instructions through CAN-BUS – the network that intercommunicates elements such as sensors and control units in a car- to manipulate certain functions – such as altering the audio volume, activating the rear view camera or loading routes in the navigator – without having to touch the touch screen or the controls of the multimedia device.

Intentionality Cracker
Target Vehículo
Company Kia
Model Ceed
Type of company 
Data / Life Datos y Vida
Access Físico
System Multimedia system
Recognized by brand No
Source https://e-corridor.eu/cve-for-kia-vulnerability/
Bluetooth, one of the most vulnerable portsSep 2020Read More
Headline Bluetooth, one of the most vulnerable ports
Year 2020
Month Septiembre
Country Switzerland
Description 

It is called BLURtooth, it is a major security flaw that, for the moment, has no solution and has been officially notified by the organization responsible for the Bluetooth communication standard. This form of wireless communication is one of the most widely used devices in cars to enjoy services such as hands-free telephony, music or even for the correct operation of Android Auto and Apple Car Play protocols. Therefore, this Bluetooth vulnerability not only fails, it not only puts the phone device at risk, but also the vehicle.

Intentionality Cracker
Target Vehículo
Type of company 
Data / Life Datos y Vida
Access Aplicación
System Bluetooth
Recognized by brand 
Source https://www.elmundo.es/tecnologia/2020/09/15/5f5f4b0621efa018288b4576.html
Attempt to cripple Tesla factory through cyber attackAgo 2020Read More
Headline Attempt to cripple Tesla factory through cyber attack
Year 2020
Month Agosto
Country United States
Description 

The U.S. Department of Justice confirms the arrest of a Russian-born man accused of offering $1 million to an employee of the automaker in order to bribe him to carry out a cyberattack from the inside. The plan? To infect a large part of the company’s factory, located in Nevada, with malware that would have paralyzed its production. The employee, instead of taking the money he was offered, told his bosses, who called in the FBI to start the investigation.

Intentionality Cracker
Target Empresa
Company Tesla
Type of company 
Data / Life Datos
Access Aplicación
Recognized by brand 
Source https://www.cyberscoop.com/tesla-ransomware-attempt-elon-musk-russia/
Massive data theft at Uber takes company’s ex CSO to courtAgo 2020Read More
Headline Massive data theft at Uber takes company’s ex CSO to court
Year 2020
Month Agosto
Country United States
Description 

Joe Sullivan has been formally charged by the District Court in San Francisco, United States, for failing to disclose the details of the operation for which he paid a ransom to crackers to remove the data they had stolen from his platform… so that the facts would not come to the attention of the corresponding authorities, who would have imposed an even greater fine for not having such data properly protected.

Intentionality Cracker
Target Otros
Type of company 
Data / Life Datos
Access Aplicación
Recognized by brand No
Source https://www.cyberscoop.com/joe-sullivan-uber-arrested-2016-data-breach/
The Tesla dashcam bug discovered by a spanish teamAgo 2020Read More
Headline The Tesla dashcam bug discovered by a spanish team
Year 2020
Month Agosto
Country Spain
Description 

Tesla has been the victim of a new vulnerability. This time it is related to Dashcam technology, a camera installed on board – in the windshield area – that records everything that happens around Tesla cars. The brand does not digitally sign the images recorded with the Dashcam system, so any user, with little knowledge, could manipulate these images and falsify them.

Intentionality Hacker
Target Vehículo
Company Tesla
Type of company OEM
Data / Life Otros
Access Aplicación
Recognized by brand No
Source https://hackercar.com/el-fallo-de-la-dashcam-de-tesla-que-ha-descubierto-un-equipo-espanol/
Traffic lights hacked to improve traffic flowAgo 2020Read More
Headline Traffic lights hacked to improve traffic flow
Year 2020
Month Agosto
Country Netherlands
Description 

In the Netherlands, there are applications that can be linked to cell phones so that cyclists can ride more safely and find the green light when they have to go through a traffic-light controlled intersection – there are also similar apps for ambulance or truck drivers. However, researchers Wesley Neelen and Rik Van Dujin, both co-founders of the company Zolder, wanted to check whether they could hack traffic lights and alter traffic remotely and from any distance using this app.

Intentionality Hacker
Target Otros
Type of company 
Data / Life Otros
Access Aplicación
Recognized by brand No
Source https://www.defcon.org/html/defcon-safemode/dc-safemode-speakers.html#Neelen
European police arrest suspected car hacking and car theft groupJul 2020Read More
Headline European police arrest suspected car hacking and car theft group
Year 2020
Month Julio
Country Germany and Poland
Description 

German and Polish police agencies announced last Wednesday that they had dismantled a Polish criminal network accused of stealing dozens of cars by cracking the keyless systems used to start the vehicles.

Intentionality Cracker
Target Vehículo
Type of company 
Data / Life Datos
Access Remoto
System Keyless
Recognized by brand No
Source https://www.cyberscoop.com/europol-poland-car-hacking-keyless-go/



Este sitio web utiliza cookies para que usted tenga la mejor experiencia de usuario. Si continúa navegando está dando su consentimiento para la aceptación de las mencionadas cookies y la aceptación de nuestra política de cookies, pinche el enlace para mayor información.plugin cookies

ACEPTAR
Aviso de cookies