Real cases

Data since 2012

Real cases of hacked carsDate
Freight forwarding company crackedMay 2020Read More
Headline Freight forwarding company cracked
Year 2020
Month Mayo
Country Australia
Description 

Australian logistics giant Toll Group claims to have suffered a major cyber attack this year in the form of ransomware, resulting in numerous internal and customer-facing systems having to be shut down, with the consequent financial and reputational impact. The ransomware, called Nefilim, allowed hackers to get their hands on company employee data and business agreements. The criminals threatened to publish all the information on the deep web if they did not receive a ransom payment in return.

Intentionality Cracker
Target Empresa
Company Toll Group
Type of company Otros
Data / Life Datos
Access Remoto
Recognized by brand No
Source https://theloadstar.com/toll-group-resists-ransom-demands-from-hackers-after-cyber-attack/
Car cracked and stolen in Luxembourg… located in FranceMay 2020Read More
Headline Car cracked and stolen in Luxembourg… located in France
Year 2020
Month Mayo
Country Luxembourg
Description 

A thief used a system to open the car without using the key, steal it and take it by road from the French town of Bonnevoie to Luxembourg. Luckily, the vehicle could be tracked thanks to a location app integrated in the vehicle.

Intentionality Cracker
Target Vehículo
Type of company OEM
Data / Life Otros
Access Remoto
Recognized by brand No
Source https://today.rtl.lu/news/luxembourg/a/1523656.html
ZoomCar car rental platform hackedMay 2020Read More
Headline ZoomCar car rental platform hacked
Year 2020
Month Mayo
Country India
Description 

The popular car rental platform Zoomcar has been the victim of an act of hacking and data theft. Specifically, criminals accessed and stole personal data of about 3.5 million Zoomcar users, although they did not put it up for sale on the deep web until two years later… to give them a time window to avoid being tracked by their computer’s IP. That data included information such as usernames, email IDs, cell phone numbers, passwords and IP addresses. The data was found by cybersecurity consultant Rajshekhar Rajaharia, who warned that they were asking just €270 for it.

 

Intentionality Cracker
Target Empresa
Company ZOOMCAR
Type of company Car Renting
Data / Life Datos
Access Aplicación
Recognized by brand No
Source https://www.gizbot.com/news/zoomcar-data-hacked-3-5-million-user-information-for-sale-067873.html
High-end Audi hacked and stolen in broad daylightMay 2020Read More
Headline High-end Audi hacked and stolen in broad daylight
Year 2020
Month Mayo
Country United Kingdom
Description 

A gang of car thieves manages to steal an Audi S4 Avant parked in a parking lot in Birmingham. Unlike other types of thefts, here the criminals do not use a system to retransmit and amplify the signal of the door opening system… instead, after breaking a window of the car, they connect a relay device to start the Audi’s engine in just 40 seconds and drive away with the vehicle.

Intentionality Cracker
Target Vehículo
Company Audi
Model S4
Type of company OEM
Data / Life Otros
Access Remoto
Recognized by brand No
Source https://www.dailymail.co.uk/news/article-8340877/Car-thief-slides-window-46k-Audi-uses-keyless-hack-steal-40-seconds.html
Texas Department of Transportation hackedMay 2020Read More
Headline Texas Department of Transportation hacked
Year 2020
Month Mayo
Country United States
Description 

A cybercriminal has managed to crack the network of the Texas Department of Transportation using a ransomware technique, as published in a statement posted on social networks by the affected entity itself. A case that occurred days after the state’s justice department also suffered another cyberattack. On this occasion, the attack consisted of blocking and disabling all types of files, asking for a ransom to ‘free’ them. According to sources from the transportation department itself, it acted quickly, isolating the most affected parts of the network, to ensure that the department’s activity was affected as little as possible.

Intentionality Cracker
Target Empresa
Company Texas
Type of company Public Transport
Data / Life Datos
Access Remoto
Recognized by brand No
Source https://www.themonitor.com/2020/05/18/transportation-agency-hacked-2nd-texas-government-attack/
Mercedes component source code leakedMay 2020Read More
Headline Mercedes component source code leaked
Year 2020
Month Mayo
Country Germany
Description 

Software engineer Till Kottmann discovered that he was able to register an account on a portal, called Git, where Daimler – the brand that owns Mercedes – hosts its codes. Once there, he was able to download up to 580 data sets with these source codes, which are used in the ‘integrated logic units’ -OLU- that Mercedes vans carry -for example, the Vito manufactured in Spain-.An OLU is the component that sits between the hardware and software of a car, and according to Daimler itself, it allows vehicles to be connected to the cloud. In this way, the OLU, in combination with certain applications, can be used to control remote functions of the car, such as locating its position, knowing the vehicle’s status, stopping the engine in the event of theft… According to the threat intelligence firm Under the Breach, the data found could be used to attack the cloud and Daimler’s internal network.

 

Intentionality Cracker
Target Empresa
Company Mercedes-Benz
Type of company OEM
Data / Life Datos y Vida
Access Aplicación
Recognized by brand No
Source https://www.zdnet.com/article/mercedes-benz-onboard-logic-unit-olu-source-code-leaks-online/
Russian drivers’ data stolen and offered for sale on the dark webMay 2020Read More
Headline Russian drivers’ data stolen and offered for sale on the dark web
Year 2020
Month Mayo
Country Russia
Description 

Anonymous hackers managed to attack a database and put everything it contained up for sale on the deep Internet: in particular, the data of more than 129 million Russian car owners. According to the Russian media Vedomosti, whoever paid the stipulated price could access data such as the owner’s first and last name, address, date of birth and even passport number and contact information.

The price set by the offender to get the complete information of the entire database was 0.3 bitcoins – about 2,500 euros – while if you wanted to have exclusive use of it you had to pay 5 times more: 1.5 bitcoins – about 12,500 euros.

Ashot Hovhannisyan, founder and CTO of DeviceLock, explains in statements reported by Vedomosti that it is common for cybercriminals to offer databases for sale on the Internet. How do they gain access to them? By hacking into the servers that store them. The most commonly breached are those of the police and insurance companies.

Intentionality Cracker
Target Otros
Type of company 
Data / Life Datos
Access Remoto
Recognized by brand No
Source https://cointelegraph.com/news/hackers-sell-data-of-129-million-russian-car-owners-for-bitcoin
Lithuanian ex-cop accused of cracking and stealing vehiclesMay 2020Read More
Headline Lithuanian ex-cop accused of cracking and stealing vehicles
Year 2020
Month Mayo
Country Lithuania
Description 

A former Lithuanian detective has been arrested on charges of using his knowledge as a police officer to abuse his power and being involved in the theft of vehicles equipped with keyless entry systems. According to the investigation, the alleged culprit, named Valdas Raudis, did not act alone but with another person, using digital devices valued at around 18,000 euros. 18,000, an amount that they would certainly have been able to amortize, since the stolen vehicles had a value that could exceed a quarter of a million euros.

Intentionality Cracker
Target Vehículo
Type of company OEM
Data / Life Otros
Access Remoto
System Keyless
Recognized by brand No
Source https://www.bbc.com/news/uk-england-cambridgeshire-52630840
Sheffield license plate monitoring system breachedMay 2020Read More
Headline Sheffield license plate monitoring system breached
Year 2020
Month Mayo
Country United Kingdom
Description 

The automatic license plate recognition system -ANPR- controlled by Sheffield City Council was exposed on the Internet, allowing the data of 8.6 million road trip records to be displayed and exposed to anyone who connects to the network. The data stored is the license plate, location, time… of each car. A single camera was capable of ‘capturing’ 21,000 vehicles, and all this type of information was exposed.

Intentionality Cracker
Target Empresa
Company Townhall
Type of company Public transport
Data / Life Datos
Access Remoto
Recognized by brand No
Source https://www.teiss.co.uk/sheffield-anpr-system-exposure/



Este sitio web utiliza cookies para que usted tenga la mejor experiencia de usuario. Si continúa navegando está dando su consentimiento para la aceptación de las mencionadas cookies y la aceptación de nuestra política de cookies, pinche el enlace para mayor información.plugin cookies

ACEPTAR
Aviso de cookies