Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Tuesday, 30 April 2019 / Published in Woo on Tech

Lax App Security Leads to Hacked Cars

GPS tracking devices on fleet vehicles have enabled transportation and shipping companies to to streamline operations and improve efficiency for decades. As vehicles have become increasingly computerized, these devices also acted as a gateway for even more data gathering, commonly known as telemetry, which naturally led to them being connected to the internet for realtime data gathering and, of course, remote control capabilities, including the ability to stop engines, apply brakes and even control the steering. And, as is the tendency for all things internet-connected, these GPS systems are vulnerable to hacking, especially if the companies writing the software do dumb things like setting the default password to “123456”.

Who would do such a thing?

You can bet that if you set your default password to something as simple as that, and even publish that fact in the app documentation, someone is going to notice and take advantage, which is exactly what a hacker did when he used this knowledge and bit of code to brute force his way into thousands of user accounts for two widely-used Android apps. Not only was he able to gather confidential user data from the mobile device on which the apps were installed, but he was also able to gain collective access to thousands of vehicles that were managed by the app itself. Both apps also included functionality that, if installed and enabled by the vehicle operator, allowed the engine to be stopped remotely, even if it was in motion (up to 12 MPH supposedly). According to the hacker himself, he had the potential to cause a great deal of chaos, financial damage and potential physical harm if he were to actually follow through on killing engines on thousands (he claims hundreds of thousands) of vehicles, he stopped short of doing so, as his intent was not to hurt individuals but to raise awareness with companies using the flawed platforms. Both apps are developed by firms located in a country that has a reputation for producing products, software and firmware with serious security flaws and alleged backdoors. It’s unclear whether this particular hacker’s efforts will result in any overall improvements in the industry, but since contacting the app firms, at least one of the companies has reached out to its customers to urge them to change their passwords.

Image by Photo Mix from Pixabay

  • Tweet

What you can read next

Yahoo Logo
Yahoo Angers Ymail Users with Redesign…Again
The Elephant in the Voting Machine – Part 2
ATT Hacked
ATT Insider Breach Exposes Customer Data

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Social Media monetizes our need to be social

    Part of our occasional series “The Elepha...
  • Freemail accounts will be hacked

    Most of you know that I do not recommend using ...
  • LastPass Breach is bad news for everyone

    Late in the year, just in time for the holidays...
  • 2023 – Approach with Caution

    Traditionally I like my year-end messages to be...
  • Privacy sign

    Popular tax apps leaked your data to Facebook

    While it shouldn’t come as a surprise to any of...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP