homepage Welcome to WebmasterWorld Guest from 107.22.37.143
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Pubcon Website
Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

    
Cars Remotely Disabled by Hacker
engine




msg:4100301
 12:44 pm on Mar 18, 2010 (gmt 0)

Cars Remotely Disabled by Hacker [wired.com]

More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments.

Police with Austin’s High Tech Crime Unit on Wednesday arrested 20-year-old Omar Ramos-Lopez, a former Texas Auto Center employee who was laid off last month, and allegedly sought revenge by bricking the cars sold from the dealership’s four Austin-area lots.




The dealership used a system called Webtech Plus as an alternative to repossessing vehicles that haven’t been paid for.


 

rocknbil




msg:4100529
 5:41 pm on Mar 18, 2010 (gmt 0)

The whole remote control thing is scary, I think. They advertise it as a feature, sold on the cool factor, but it's really just a way to always know where you are at any time. Plant a chip in my head and get it over with already . . .

youfoundjake




msg:4100796
 2:04 am on Mar 19, 2010 (gmt 0)

It appears that it was due to a laid off employee which is where quite a bit of malicious activity occurs. Passwords should have been changed. I can understand the company wanting to be able to brick the car for lack of payments, makes sense, no dangers like repo'ing. I would be more alarmed if someone not previously associated with the company was able to accomplish the same task.
I wonder what this will do to sales at the 4 dealerships

bhonda




msg:4100938
 11:42 am on Mar 19, 2010 (gmt 0)

Passwords should have been changed

From what I gather, the ex-employee's account was disabled, and he used the account of another employee, whose credentials he knew.

Should their policy be that whenever somebody leaves, all passwords for all users should be changed?

Seems a bit excessive, but I guess in this case would have worked fine!

sonjay




msg:4101086
 4:54 pm on Mar 19, 2010 (gmt 0)

The troubles stopped five days later, when Texas Auto Center reset the Webtech Plus passwords for all its employee accounts


Five days it took them to figure out to change all the passwords!

grandpa




msg:4101345
 10:58 pm on Mar 19, 2010 (gmt 0)

“Omar was pretty good with computers,” says Garcia.


No he wasn't. He got caught because he was traced by his IP address to his AT&T internet account.

Austin police filed computer intrusion charges against Ramos-Lopez on Tuesday.


Not very good at all, Omar.

Habtom




msg:4101441
 7:29 am on Mar 20, 2010 (gmt 0)

Should their policy be that whenever somebody leaves, all passwords for all users should be changed?


If he was in control of user accounts, yes. But what is to consider is here the other employee shouldn't have shared his/her personal credentials.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved