Real cases

Data since 2012

Real cases of hacked carsDate
High-end Audi hacked and stolen in broad daylightMay 2020Read More
Headline High-end Audi hacked and stolen in broad daylight
Year 2020
Month Mayo
Country United Kingdom
Description 

A gang of car thieves manages to steal an Audi S4 Avant parked in a parking lot in Birmingham. Unlike other types of thefts, here the criminals do not use a system to retransmit and amplify the signal of the door opening system… instead, after breaking a window of the car, they connect a relay device to start the Audi’s engine in just 40 seconds and drive away with the vehicle.

Intentionality Cracker
Target Vehículo
Company Audi
Model S4
Type of company OEM
Data / Life Otros
Access Remoto
Recognized by brand No
Source https://www.dailymail.co.uk/news/article-8340877/Car-thief-slides-window-46k-Audi-uses-keyless-hack-steal-40-seconds.html
Texas Department of Transportation hackedMay 2020Read More
Headline Texas Department of Transportation hacked
Year 2020
Month Mayo
Country United States
Description 

A cybercriminal has managed to crack the network of the Texas Department of Transportation using a ransomware technique, as published in a statement posted on social networks by the affected entity itself. A case that occurred days after the state’s justice department also suffered another cyberattack. On this occasion, the attack consisted of blocking and disabling all types of files, asking for a ransom to ‘free’ them. According to sources from the transportation department itself, it acted quickly, isolating the most affected parts of the network, to ensure that the department’s activity was affected as little as possible.

Intentionality Cracker
Target Empresa
Company Texas
Type of company Public Transport
Data / Life Datos
Access Remoto
Recognized by brand No
Source https://www.themonitor.com/2020/05/18/transportation-agency-hacked-2nd-texas-government-attack/
Mercedes component source code leakedMay 2020Read More
Headline Mercedes component source code leaked
Year 2020
Month Mayo
Country Germany
Description 

Software engineer Till Kottmann discovered that he was able to register an account on a portal, called Git, where Daimler – the brand that owns Mercedes – hosts its codes. Once there, he was able to download up to 580 data sets with these source codes, which are used in the ‘integrated logic units’ -OLU- that Mercedes vans carry -for example, the Vito manufactured in Spain-.An OLU is the component that sits between the hardware and software of a car, and according to Daimler itself, it allows vehicles to be connected to the cloud. In this way, the OLU, in combination with certain applications, can be used to control remote functions of the car, such as locating its position, knowing the vehicle’s status, stopping the engine in the event of theft… According to the threat intelligence firm Under the Breach, the data found could be used to attack the cloud and Daimler’s internal network.

 

Intentionality Cracker
Target Empresa
Company Mercedes-Benz
Type of company OEM
Data / Life Datos y Vida
Access Aplicación
Recognized by brand No
Source https://www.zdnet.com/article/mercedes-benz-onboard-logic-unit-olu-source-code-leaks-online/
Russian drivers’ data stolen and offered for sale on the dark webMay 2020Read More
Headline Russian drivers’ data stolen and offered for sale on the dark web
Year 2020
Month Mayo
Country Russia
Description 

Anonymous hackers managed to attack a database and put everything it contained up for sale on the deep Internet: in particular, the data of more than 129 million Russian car owners. According to the Russian media Vedomosti, whoever paid the stipulated price could access data such as the owner’s first and last name, address, date of birth and even passport number and contact information.

The price set by the offender to get the complete information of the entire database was 0.3 bitcoins – about 2,500 euros – while if you wanted to have exclusive use of it you had to pay 5 times more: 1.5 bitcoins – about 12,500 euros.

Ashot Hovhannisyan, founder and CTO of DeviceLock, explains in statements reported by Vedomosti that it is common for cybercriminals to offer databases for sale on the Internet. How do they gain access to them? By hacking into the servers that store them. The most commonly breached are those of the police and insurance companies.

Intentionality Cracker
Target Otros
Type of company 
Data / Life Datos
Access Remoto
Recognized by brand No
Source https://cointelegraph.com/news/hackers-sell-data-of-129-million-russian-car-owners-for-bitcoin
Lithuanian ex-cop accused of cracking and stealing vehiclesMay 2020Read More
Headline Lithuanian ex-cop accused of cracking and stealing vehicles
Year 2020
Month Mayo
Country Lithuania
Description 

A former Lithuanian detective has been arrested on charges of using his knowledge as a police officer to abuse his power and being involved in the theft of vehicles equipped with keyless entry systems. According to the investigation, the alleged culprit, named Valdas Raudis, did not act alone but with another person, using digital devices valued at around 18,000 euros. 18,000, an amount that they would certainly have been able to amortize, since the stolen vehicles had a value that could exceed a quarter of a million euros.

Intentionality Cracker
Target Vehículo
Type of company OEM
Data / Life Otros
Access Remoto
System Keyless
Recognized by brand No
Source https://www.bbc.com/news/uk-england-cambridgeshire-52630840
Sheffield license plate monitoring system breachedMay 2020Read More
Headline Sheffield license plate monitoring system breached
Year 2020
Month Mayo
Country United Kingdom
Description 

The automatic license plate recognition system -ANPR- controlled by Sheffield City Council was exposed on the Internet, allowing the data of 8.6 million road trip records to be displayed and exposed to anyone who connects to the network. The data stored is the license plate, location, time… of each car. A single camera was capable of ‘capturing’ 21,000 vehicles, and all this type of information was exposed.

Intentionality Cracker
Target Empresa
Company Townhall
Type of company Public transport
Data / Life Datos
Access Remoto
Recognized by brand No
Source https://www.teiss.co.uk/sheffield-anpr-system-exposure/
Data stolen from a Swiss railway transport companyMay 2020Read More
Headline Data stolen from a Swiss railway transport company
Year 2020
Month Mayo
Country Switzerland
Description 

Switzerland-based international rail vehicle construction company Stadler revealed that it was the victim of a cyber attack that could also have allowed attackers to steal company and employee data. The company said that the attackers managed to infiltrate its network, managing to infect devices with some malicious software. Apparently, the criminals demanded a significant financial ransom for all the stolen information, threatening to leak the stolen data.

Intentionality Cracker
Target Empresa
Company Stadler
Type of company Transporte público
Data / Life Datos
Access Remoto
Recognized by brand No
Source https://www.bleepingcomputer.com/news/security/rail-vehicle-manufacturer-stadler-hit-by-cyberattack-blackmailed/
Mercedes’ Instagram account hackedMay 2020Read More
Headline Mercedes’ Instagram account hacked
Year 2020
Month Mayo
Country Alemania
Description Un grupo no identificado logró hackerar el perfil en Instagram de la cuenta de Mercedes-Benz en Alemania. Fue un usuario y seguidor del perfil de la marca el que se dio cuenta de que se estaba produciendo una actividad inusual en el muro, donde aparecieron informaciones como la imagen de una esvásitica... o solicitar donaciones en BitCoins para hacer frente a la pandemia del COVID19. Incluso en la descripción, el nombre de la cuenta cambió a "Hackeada por catz". La marca tuvo que disculparse públicamente por los inconvenientes que pudieran haberse producido.
Intentionality Cracker
Target Empresa
Company Mercedes-Benz
Type of company OEM
Data / Life Datos
Access Remoto
Recognized by brand 
Source https://www.techtimes.com/articles/249421/20200506/breaking-mercedez-benz-instagram-got-hacked-account-posted-swastika-logo-and-bitcoin-donation.htm
Moldavian tourist arrested for stealing a car via keyless systemMay 2020Read More
Headline Moldavian tourist arrested for stealing a car via keyless system
Year 2020
Month Mayo
Country United Kingdom
Description 

A ‘tourist thief’ from Moldova took advantage of a trip to the UK to steal several cars, including some luxury cars. Vadim Muntean, with the help of an accomplice, stole the vehicles using the signal amplification system, which is used for models equipped with keyless entry and keyless start. They also used systems to interfere with the signal of the trackers fitted to the cars, so that they could not be located via GPS. Among the models stolen was a BMW valued at around 45,000 euros.

Intentionality Cracker
Target Vehículo
Type of company OEM
Data / Life Otros
Access Remoto
System Keyless
Recognized by brand No
Source https://www.dailymail.co.uk/news/article-8276905/Moldovan-burglary-tourist-jailed-ten-months-travelling-UK-steal-keyless-cars.html



Este sitio web utiliza cookies para que usted tenga la mejor experiencia de usuario. Si continúa navegando está dando su consentimiento para la aceptación de las mencionadas cookies y la aceptación de nuestra política de cookies, pinche el enlace para mayor información.plugin cookies

ACEPTAR
Aviso de cookies