[ISN] Hacker Disables More Than 100 Cars Remotely

From: InfoSec News <alerts_at_private>
Date: Thu, 18 Mar 2010 00:52:59 -0600 (CST)

By Kevin Poulsen  
Threat Level
March 17, 2010

More than 100 drivers in Austin, Texas found their cars disabled or the 
horns honking out of control, after an intruder ran amok in a web-based 
vehicle-immobilization system normally used to get the attention of 
consumers delinquent in their auto payments.

Police with Austin's High Tech Crime Unit on Wednesday arrested 
20-year-old Omar Ramos-Lopez, a former Texas Auto Center employee who 
was laid off last month, and allegedly sought revenge by bricking the 
cars sold from the dealership.s four Austin-area lots.

"We initially dismissed it as mechanical failure," says Texas Auto 
Center manager Martin Garcia. "We started having a rash of up to a 
hundred customers at one time complaining. Some customers complained of 
the horns going off in the middle of the night. The only option they had 
was to remove the battery."

The dealership used a system called Webtech Plus as an alternative to 
repossessing vehicles that haven't been paid for. Operated by 
Cleveland-based Pay Technologies, the system lets car dealers install a 
small black box under vehicle dashboards that responds to commands 
issued through a central website, and relayed over a wireless pager 
network. The dealer can disable a car's ignition system, or trigger the 
horn to begin honking, as a reminder that a payment is due. The system 
will not stop a running vehicle.


Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
Received on Wed Mar 17 2010 - 23:52:59 PDT

This archive was generated by hypermail 2.2.0 : Thu Mar 18 2010 - 00:04:44 PDT