millions of vehicles could be vulnerable to being hacked and quite literally taken over thanks to a certain device they all have in common also in your hacking used Roundup hackers can open 3 million doors and Bad actors are cracking passwords in your browser but first electronic logging devices are relatively new but also relatively boring these things are installed in many trucks to lock driving hours distance driven and a bunch of other things all to ensure compliance with laws about how many
hours that drivers can work these electronic logging devices or elds are quickly replacing older systems that do the same kind of logging like tachographs which log the same kind of data but to paper and the slightly more modern digital tachographs that log data to Smart cards for decades these Solutions have been used without much issue however elds are the next Evolution everything is done by some iPad Mini looking thing but unsurprisingly the smartaction of the basic needs to log simple data
has had some disastrous security consequences that security researchers have written a whole paper about and the consequences here aren't just limited to some bad guy stealing a driver's time sheet elds are connected directly to a vehicle's OBD ports or more common in heavy Goods Vehicles their 9pin diagnostic ports and aside from just Diagnostics access to these interfaces could give a hacker direct real-time control over the vehicle which would allow them to accelerate decelerate deactivate a
irbags interfere with steering assist and a lot more all in real time the exact extent of what a hacker could do really depends on the make and model of the vehicle but regardless you do not want to give a hacker access to this interface it's doubly important that these things stay secure because more often than not truck drivers simply don't have a choice whether to have an ELD in their vehicle because in the US they requires by law and other countries are quickly following suit as per us regul
ations there's a whole list of features that elds must Implement one of which is wireless and Bluetooth capabilities so that a roadside safety inspector can easily check whether a driver has gone over their working hours limit but in this long list of required features there's no mention of security practices which has led to some problems firstly the researchers founds that the Wi-Fi network names for these devices are often very predictable so they're trivial to identify once a hacker has iden
tified an ELD gaining access to it is easy thanks to the fact that these things often come with weak default passwords once connected an attacker is able to access a web interface that allows them to upload un assigned firmware which in a matter of seconds gives them total control over the device and by extension the vehicle it's connected to the researchers demonstrated this they were able to drive up alongside a truck upload new firmware take control of it and force the vehicle to slow down an
d stop of course this was all done in a controlled environment not just to some random truck on the road but it gets worse the researchers discussed the realistic potential for a truck to truck worm as in a single hacked ELD could itself be programmed toid identify other nearby elds and infect them and so on and so forth causing a chain reaction that could result in whole fleets of vehicles being taken over however there are some limitations to these vulnerabilities you see there are hundreds of
different models of elds on the market and the researchers only found a small number to be vulnerable and aren't disclosing which ones because the issue still isn't fixed but in a bit of a Twist the researchers discovered that there are really only a few tens of distinct ELD models actually in use because a lot of these devices are actually just rebranded versions of each other that under the hood use the same hardware and firmware given that tlds are used in 14 million vehicles in the us alone
you can see how it would only take a few vulnerable models to result in many thousands of exploitable vehicles and the FBI actually warned of these problems years ago putting out an advisory in 2020 just months after elds became a legal requirement raising the alarm that whilst the Mandate does provide safety and efficiency benefits it makes no mention of security requirements however there's been no news of these things actually being exploited in the wild at least not yet but whilst elds aren
't actively under attack something that is is your personal data which today's sponsor can help you do something about this video is sponsored by delete me the guys who help you take control of your personal data which is under attack by data Brokers data Brokers are a little known scourge of the internet they spend their time scraping the web for your personal data building a profile on you that might contain your name address phone number photos relatives there's a long list then they sell thi
s profile to other companies or in many cases just random individuals who are willing to pay a couple dollars for a person search and there are cases of the data that these guys sell being used to enable Sim swapping doxing or even stalking but delete me can help protect you from these risks and it works like this you provide your data to delete me after all they need to know what they're looking for then they'll check hundreds of data Brokers for your data and within just 7 days a personalized
report on what they found in my case delete me searched over 1,000 listings finding six data brokers who had 72 pieces of personally identifiable information on me but the best part is delete me sense removal requests on my behalf so I don't even have to lift a finger taking care of your personal data is essential in today's world and so delete me is giving you guys 20% off their eligible plans with my code stonic more details in the description if you're watching this video from a hotel room an
d your door lock just so happens to look like this or this then I have some bad news security researchers have uncovered critical flaws in a brand of Hotel door locks that are used in over 13,000 hotels worldwide with in total over 3 million vulnerable doors now it might just be the Mandela effect but I'm pretty sure I've seen these locks all over the place but these are just the two most common affected devices the problem impacts a whole series of locks made by the company dmaba and as you mig
ht have guessed the exploit simply gives a bad guy the ability to open a vulnerable door and it works like this an attacker first needs to obtain a key card used by the hotel they could do that just by booking a room for the night or simply grabbing an expired card from the Express checkout box with a card in hand it's possible to read the data from it and aduce a certain hotel specific code this can be done with a prox Mark II flipper zero or any NFC capable Android phone then with knowledge of
that hotel specific code an attacker can program two new key cards the first card is used to Repro a Target lock and the second card spoofs a master key that opens it and voila they have access to every room in the hotel now whilst I'd love to give you a more technical explanation on how this works I just can't because it's all under wraps for reasons that will become clear shortly the researchers who discovered the vulnerability explained that they developed this technique at a private event a
t Defcon a couple years back during the caffeine fueled hackathon they managed to reverse engineer certain key card management software as well as the device used by SS to reprogram door locks then like any responsible hacker they disclose the vulnerability to Daka in September of 2022 so why are we only hearing about it now and why aren't there any technical details well this is a very messy problem to solve I mean a fix has been developed but implementing it is very timeconsuming and expensive
all vulnerable locks require a software update key cards need to be replaced and card encoders used by Hotel staff need to be upgraded to make matters worse the line of affected Bo has been in use for 36 years in that time many hotels have introduced third-party systems like key card operated lifts or Payment Systems which also need to be updated or maybe even ripped out and replaced but don't go feeling too bad for affected hotels here because for a hotel to be vulnerable they need to be using
the affected locks as well as mea classic key cards which themselves are famous for having many security vulnerabilities that have been known about for years as for those vulnerable locks as of March 2024 only 36% of them have been updated which means there's still millions of vulnerable locks out there as such the researchers aren't spilling any of the technical beans and they're certainly not releasing any proof of concept code I mean the last thing we need is to put this in the hands of flip
per zero Tik talkers though if you happen to be watching this from a hotel room have a vulnerable lock and are wondering if you're at risk one thing you can do is to scan your key card with one of the many freely available apps to check if it is in fact a meair classic if so then the a good chance You're vulnerable but I suppose you can take some reassurance from the facts there aren't any reports of this being exploited in the wild at least not yet hackers have turned hundreds of otherwise inno
cent WordPress sites into command and control servers that Force the browsers of unwitting visitors to join in on a distributed password cracking campaign it works like this if you merely visit one of these infected WordPress sites malicious code embedded in the sit will serve your browser a victim sit's URL username and a list of 100 potential passwords then malicious code running in your browser will try to log into that victim site cycling through the list of potential credentials this all of
course happens totally in the background so you'd have no idea well unless you go poking around in devorss the brute forcing is all made possible by using a feature in WordPress that enables logging into a site via an API many WordPress site owners just aren't aware of the security problems this feature introduces though it is easy enough to turn off after your browser has unwittingly The Brute forcing it'll report the results of its little experiments back to the attacker controlled server bef
ore requesting yet another password cracking task this cycle keeps on going until you finally navigate away from the infected web page this is a pretty clever way of password cracking because these login requests will all be coming from the browsers of real people so they're much harder to detect and block compared to if they were all coming from a single VPS and the hackers here really do have a small army of sites engaged in this we can use a source code search engine to find out just how many
sites are referencing the malicious JavaScript and as of making this video there's over, 1600 of them this campaign was discovered by researchers at secury who determined the purpose of this distributed password cracking operation to be to increase the hacker portfolio of compromised sites so they can be used to push crypto draining malware the kind that upon visiting a site tempts you with the promise of something silly like a potentially lucrative nft all you have to do is connect your crypto
wallet which is of course a bad idea that will only result in your crypto being drained dry but the question remains even if you don't fall for the crypto drainers how can you stop yourself from becoming an unwitting participant in the password cracking side of things well ublock origin seems to be the answer I did a very unscientific test with a few different ad blockers but in this case ublock origin was the only extension that successfully blocks the Hacker's domain as always thanks for watc
hing and I'll see you in the next video have a good one
Comments