homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

Cars Remotely Disabled by Hacker

 12:44 pm on Mar 18, 2010 (gmt 0)

Cars Remotely Disabled by Hacker [wired.com]

More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments.

Police with Austin’s High Tech Crime Unit on Wednesday arrested 20-year-old Omar Ramos-Lopez, a former Texas Auto Center employee who was laid off last month, and allegedly sought revenge by bricking the cars sold from the dealership’s four Austin-area lots.

The dealership used a system called Webtech Plus as an alternative to repossessing vehicles that haven’t been paid for.



 5:41 pm on Mar 18, 2010 (gmt 0)

The whole remote control thing is scary, I think. They advertise it as a feature, sold on the cool factor, but it's really just a way to always know where you are at any time. Plant a chip in my head and get it over with already . . .


 2:04 am on Mar 19, 2010 (gmt 0)

It appears that it was due to a laid off employee which is where quite a bit of malicious activity occurs. Passwords should have been changed. I can understand the company wanting to be able to brick the car for lack of payments, makes sense, no dangers like repo'ing. I would be more alarmed if someone not previously associated with the company was able to accomplish the same task.
I wonder what this will do to sales at the 4 dealerships


 11:42 am on Mar 19, 2010 (gmt 0)

Passwords should have been changed

From what I gather, the ex-employee's account was disabled, and he used the account of another employee, whose credentials he knew.

Should their policy be that whenever somebody leaves, all passwords for all users should be changed?

Seems a bit excessive, but I guess in this case would have worked fine!


 4:54 pm on Mar 19, 2010 (gmt 0)

The troubles stopped five days later, when Texas Auto Center reset the Webtech Plus passwords for all its employee accounts

Five days it took them to figure out to change all the passwords!


 10:58 pm on Mar 19, 2010 (gmt 0)

“Omar was pretty good with computers,” says Garcia.

No he wasn't. He got caught because he was traced by his IP address to his AT&T internet account.

Austin police filed computer intrusion charges against Ramos-Lopez on Tuesday.

Not very good at all, Omar.


 7:29 am on Mar 20, 2010 (gmt 0)

Should their policy be that whenever somebody leaves, all passwords for all users should be changed?

If he was in control of user accounts, yes. But what is to consider is here the other employee shouldn't have shared his/her personal credentials.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved