SydLexia.com Forum Index
"Stay awhile. Stay... FOREVER!"

  [Edit Profile]  [Search]  [Memberlist]  [Usergroups]  [FAQ]  [Register]
[Who's Online]  [Log in to check your private messages]  [Log in]
Over 100 cars remotely bricked in Texas

SydLexia.com Forum Index » General Discussion

Reply to topic
Author Message
Lady_Satine
Title: Head of Lexian R&D
Joined: Oct 15 2005
Location: Metro area, Georgia
PostPosted: Mar 19 2010 12:09 pm Reply with quote Back to top

http://www.wired.com/threatlevel/2010/03/hacker-bricks-cars/

More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments.

Police with Austin’s High Tech Crime Unit on Wednesday arrested 20-year-old Omar Ramos-Lopez, a former Texas Auto Center employee who was laid off last month, and allegedly sought revenge by bricking the cars sold from the dealership’s four Austin-area lots.

“We initially dismissed it as mechanical failure,” says Texas Auto Center manager Martin Garcia. “We started having a rash of up to a hundred customers at one time complaining. Some customers complained of the horns going off in the middle of the night. The only option they had was to remove the battery.”

The dealership used a system called Webtech Plus as an alternative to repossessing vehicles that haven’t been paid for. Operated by Cleveland-based Pay Technologies, the system lets car dealers install a small black box under vehicle dashboards that responds to commands issued through a central website, and relayed over a wireless pager network. The dealer can disable a car’s ignition system, or trigger the horn to begin honking, as a reminder that a payment is due. The system will not stop a running vehicle.

Texas Auto Center began fielding complaints from baffled customers the last week in February, many of whom wound up missing work, calling tow trucks or disconnecting their batteries to stop the honking. The troubles stopped five days later, when Texas Auto Center reset the Webtech Plus passwords for all its employee accounts, says Garcia. Then police obtained access logs from Pay Technologies, and traced the saboteur’s IP address to Ramos-Lopez’s AT&T internet service, according to a police affidavit filed in the case.

Ramos-Lopez’s account had been closed when he was terminated from Texas Auto Center in a workforce reduction last month, but he allegedly got in through another employee’s account, Garcia says. At first, the intruder targeted vehicles by searching on the names of specific customers. Then he discovered he could pull up a database of all 1,100 Auto Center customers whose cars were equipped with the device. He started going down the list in alphabetical order, vandalizing the records, disabling the cars and setting off the horns.

“Omar was pretty good with computers,” says Garcia.

The incident is the first time an intruder has abused the no-start system, according to Jim Krueger, co-owner of Pay Technologies. “It was a fairly straightforward situation,” says Krueger. “He had retained a password, and what happened was he went in and created a little bit of havoc.”

Krueger disputes that the horns were honking in the middle of the night; he says the horn honking can only be activated between 9 a.m. and 9 p.m.

First rolled out about 10 years ago, remote immobilization systems are a controversial answer to delinquent car payments, with critics voicing concerns that debtors could suffer needless humiliation, or find themselves stranded during an emergency. Proponents say the systems let financers extend credit to consumers who might otherwise be ineligible for an auto loan.

Austin police filed computer intrusion charges against Ramos-Lopez on Tuesday.


"Life is a waste of time. Time is a waste of life. Get wasted all the time, and you'll have the time of your life!"
 
View user's profileSend private messageVisit poster's website
Hacker
Banned
Joined: Sep 13 2008
PostPosted: Mar 19 2010 01:55 pm Reply with quote Back to top

It's a good idea but what about the people who pay for their cars? The dealership should (if it doesn't) offer a free service to remove the box.

And secondly they should have predicted something like this would happen WAY early on. Instead of completely immobilizing the car regular employee accounts should have the power mess with the horn (a fix that makes it say "late payment" or something to that effect would be better). The power to "brick" the car should only rest with top officials (e.g. managers, regional managers, the owner of the company) to avoid crap like this



 
View user's profileSend private message
The Opponent
Title: Forum Battle WINNER
Joined: Feb 24 2010
Location: The Danger Zone
PostPosted: Mar 19 2010 02:51 pm Reply with quote Back to top

This is why I find it hilarious when a hacker seizes control of a moving car in a movie.


I'm not a bad enough dude, but I am an edgy little shit. I'll do what I can.
 
View user's profileSend private messageVisit poster's website
Slayer1
Title: ,,!,, for you know who
Joined: Sep 23 2008
PostPosted: Mar 22 2010 04:21 pm Reply with quote Back to top

Just reading a part of that story made me laugh... just the concept is great
View user's profileSend private message
Display posts from previous:      
Reply to topic

 
 Jump to:   

SydLexia.com :: Credits