Search This Blog

Showing posts with label Automobile. Show all posts

WhatsApp Message Fraud Dupes Automobile Firm of Rs.1 Crore


A well-known automobile company, JBM Group, has been duped for Rs.1 Crore in yet another fraudulent incident that took place via fake WhatsApp messages. 

As per the police, the fraudster, in a WhatsApp message to the Chief Finance Officer of JBM, Vivek Gupta claimed to be the company’s vice chairman and had the money transferred to the bank accounts. As per the officials, a total of eight transactions had been made with seven different bank accounts, worth Rs 1,11,71,696. 

In the wake of the incident, an FIR has been registered against the unidentified fraudster under section 419 (cheating by impersonation), 420 (cheating) of IPC, and Section 66-D of IT Act at Cybercrime police station.

“The fraudsters claimed to be a JBM Group vice chairman Nishant Arya. The WhatsApp profile picture of the caller displayed Arya’s photograph. On verifying Truecaller, it reflected that the number belonged to Arya. I was also informed by the sender that he is busy in an important meeting, I could not directly call to make any further inquiry.” The CFO stated in his complaint. 

“I carried out the instructions of the sender under the bona fide impression that the instructions were coming from my superior Nishant Arya who needed to effectuate these transactions which were both very important and extremely urgent. The sums were transferred from two entities of the JBM Group, namely JBM Industries and JBM Auto. At the request of the sender, the UTR numbers confirming such transfers were also shared on the same WhatsApp chat,” Gupta further added. 

Serum Institute of India duped of Rs. 1 Crore via WhatsApp

Earlier this month, on September 7, a similar case was seen involving the Serum Institute of India (SII) which was duped for Rs. 1 Crore via a WhatsApp message sent by the threat actor posing as its CEO Adar Poonawalla. The messages were being sent to one of the institute’s directors. The transactions were then made to a few bank accounts, worth Rs. 1,01,01,554. 

The police officials are looking for the identity of the accused, the one who sent the fraudulent messages, and the holder of the bank accounts to which the transactions were made. 

How to Avoid Cyber Fraud?

With ever-increasing cases of cyber fraud via WhatsApp and other popular messaging platforms,  users are recommended to stay vigilant and follow exercise caution to avoid any scam that may result in financial loss. Users must follow the given steps in order to safeguard themselves against cyber fraud: 

1. Ensure to crosscheck the identity of a person or entity, if you receive messages from an unknown contact, claiming to be someone you know. 

2. Crosscheck the authentication of the source from where you are receiving the messages. 
3. Do not share your bank details with anyone. Since banks do not ask for such details, be cautious if the messages claim to be delivered from a bank. 

4. Do not click on the links sent by a suspicious number. The link may lead to malicious websites that are capable of duping you into revealing your passwords and sensitive information.

Cyberfraud has become an increasingly troublesome form of cybercrime as more and more people are falling prey to different forms and kinds of cyberfraud. While reporting it to the cybercrime branch of the police is one solution, netizens must stay wary of lures presented on social media to trap them for financial purposes.

Hackers Can Use a Replay Attack Due to a Honda Vulnerability


A 'replay attack' vulnerability has been discovered in specific Honda and Acura automobile models, allowing a nearby hacker to open the car and even start it from a short distance. The threat actor captures the RF signals transferred from the key fob to the automobile and resends them to gain control of the victim's car's remote keyless entry unit. 

A hostile hacker can employ a replay attack to mislead a website or service into giving them access to the user by recycling the information used to identify the user. If a hacker can find and repeat a specific string of information, someone can use it to deceive a website into believing it was there, allowing anyone to get access to the online account.

Attackers might utilize CVE-2022-27254 to perform a Man-in-the-Middle (MitM) attack, or more particularly a replay attack, in which someone intercepted and manipulated the RF signals sent from a remote key fob to the automobile, and then re-transmitted these signals at a later time to unlock the car at his leisure. 

According to analysts, Blake Berry, Hong Liu, and Ruolin Zhou of the University of Massachusetts, as well as Cybereason Chief Security Officer Sam Curry, who discovered the vulnerability, the vulnerability in earlier models is mostly unaddressed. Honda owners, on the other hand, maybe able to defend themselves against such an attack. The remote engine start portion of the problem is also demonstrated in a video supplied by the researchers, however, no technical details or proof-of-concept (PoC) exploit code were published at the time. 

The Honda Civic (LX, EX, EX-L, Touring, Si, and Type R) models from 2016 through 2020 are the most afflicted by this issue. In a GitHub repository, Blake Berry explained it was also possible to change the intercepted commands and re-send them to get a completely different result. 

According to the experts' recommendations, automotive manufacturers should include "rolling codes," also known as "hopping codes." This security method responds to each authentication request with a unique code, ensuring the codes cannot be "replayed" by an offender at a later time. However, "At this moment, Honda has no plans to update older vehicles," the company stated. "It's crucial to remember this, while Honda is always improving security features as new models are released, motivated and technologically sophisticated thieves are striving to circumvent those safeguards." 

When not in use, users should store the key fobs in signal-blocking 'Faraday pouches', however, this strategy won't prevent a determined attacker from eavesdropping on signals when the fob is utilized. Consumers should choose Passive Keyless Entry (PKE) over Remote Keyless Entry (RKE), which makes it much tougher for an intruder to clone/read the signal due to the closeness they would need to be at to do so.

BMW and Hyundai Networks Compromised by Vietnamese Hackers

Hackers allegedly having links to the Vietnamese government have hacked the networks of two leading automobile manufacturers, BMW and Hyundai, according to the recent reports from the German media.

At the same time, eliminating the novelty from the incident, the reports by Bayerische Rundfunk (BR) and Taggesschau (TS) are making claims that around spring this year, the networks of a BMW branch were breached by attackers.

Reports suggest, hackers installed 'Cobalt Strike', a penetration testing toolkit onto the targeted networks; it was employed as a backdoor through which the compromised networks were intruded by attackers.

Supposedly, BMW was acquainted with the attacker's operations and let them continue to penetrate further into their networks. However, the company brought it to an end by putting a restriction onto the illegal access in the last week of November.

According to the findings, the attackers who compromised BMW's networks also no infected South Korean multinational automotive manufacturer, Hyundai. However, no additional information has been provided regarding the Hyundai breach.

The group behind these attacks, Ocean Lotus (APT32) has been in the cybercrime ecosystem since 2014 and is popular for targeting the automobile sector.

Referencing from the reports, "The attack of the alleged Vietnamese hacker group began in the spring of 2019. Last weekend, the automobile company from Munich finally took the computers concerned off the grid. Previously, the group's IT security experts had been monitoring the hackers for months. This is the result of research by the Bayerischer Rundfunk. Also on the South Korean car manufacturer Hyundai, the hackers had it apart."

"The Federal Office for the Protection of the Constitution also follows the hackers of OceanLotus. "The grouping of OceanLotus has already become important, and one should keep an eye on the development, especially because of the target range automotive industry," said a spokeswoman. In the summer, the German Association of the Automotive Industry (VDA) sent an e-mail to its members. The subject was: "Warning message from the Federal Office for the Protection of the Constitution about poscyberattacksttacks (OceanLotus) on German automobile companies." In the e-mail, the BR research, the hacker's procedure is described in detail." The report reads.

MyCar exposes thousands of vehicles to hackers

A cybersecurity researcher claim to have found a series of vulnerabilities in a remote-based automobile app 'MyCar' that might have exposed more than 60,000 cars to hackers.

During a conference in Las Vegas on Saturday, the security expert who goes by the name Jmaxxz, identified several issues in an app 'MyCar' developed by a Canadian Automobility company.

According to the exposed database, the expert estimated that roughly 60,000 cars were vulnerable to theft by security flaws, through this exposed data hackers could even choose which car model they want to steal.

The app MyCar connects "to radio-based remote start devices like Fortin, CodeAlarm, and Flashlogic using GPS and a cellular connection to extend their range using an Internet connection."

The security flaws are far beyond theft or remote alarm-triggering pranks. However, starting of a car without the owner's knowledge could lead to dangerous carbon monoxide leaks which could be fatally dangerous.

MyCar's parent company has said that they have started investigating into the matter and would promptly solve the flaws.