
Hackers in The Fast Lane: Race Against Automotive Attacks



Two threat actors, @intelbroker and @EnergyWeaponUser, have recently risen in prominence, claiming to have breached multiple automotive companies and their technologies. Their alleged targets include major names such as Ford, as well as Tesla's EV charging stations.


This isn’t the first time these threat actors have made headlines. In October, they claimed responsibility for leaking sensitive information from Cisco and Nokia, further cementing their notoriety.


Currently, both X accounts associated with these actors have been suspended. However, the motivations behind this surge in cyberattacks remain unclear, leaving the industry on high alert.


Obtained Information

On November 17th, @EnergyWeaponUser posted on a breach forum claiming to have obtained sensitive data from over 44,000 Ford customers. The stolen information reportedly includes names, customer details, and Ford product data. According to multiple sources, the threat actor was offering to provide this data in exchange for a small credit payment through the Dark Web.


Numerous news outlets have reached out to Ford regarding these claims, but the company has not provided any evidence confirming the breach or indicating that customer information was compromised within its network. However, Carscoops suggested that the breach may have originated from a third-party service provider used by Ford. According to their understanding, while the third party may have been the source of the breach, the issue is believed to have been resolved.


On November 19th, @EnergyWeaponUser and @intelbroker posted on a breach forum, claiming to have leaked information from Tesla's EV Charging Station.

According to other posts by researchers, the threat actors claim to have obtained 116,000 rows of user information from the EV database. This data is reported to include, but may not be limited to, full names, VIN numbers, and vehicle make and model. Researchers have also disclosed that this breach appears to have primarily affected users in the Middle East.


How Did it Happen and Lessons Learned

As of now, there has been no official release detailing how these breaches occurred. However, with the cybersecurity community having brought these claims to light, they serve as a crucial reminder to regularly review third-party relationships and maintain strong coding practices within your organization.


If you believe you have fallen victim to a cyber breach or had your information stolen, please follow the laws and regulations in your country for reporting such incidents.



 
 
 
