HQ/EMEAFind out how we can help your business
A cybercriminal campaign has exploited automated methods to gather automaker accounts from well-known companies worldwide. The incident enabled the actors to steal valuable information about thousands of vehicles.
Recent investigations believe the threat actors behind these attacks have leveraged bots to execute automated account takeover (ATO) tactics. This strategy allowed them to gain unauthorised access to crucial information, such as car make, model, registered user details, addresses, and vehicle identification numbers (VINs).
The identity of these car manufacturing companies that suffered the attack remained undisclosed. However, a recent investigation claimed that one company from Europe and two from the United States had fallen victim to the attack.
Thousands of automaker accounts are circulating the threat landscape as of now.
Based on reports, more than 15,000 automaker accounts now circulate the threat landscape. The attackers listed each impacted account for sale for only $2.
These accounts could cause more malicious activities once other threat actors acquire and misuse the VINs. Such information could aid the threat actors in executing identity theft, allowing them to target specific car models, register stolen vehicles, and infect GPS-enabled mobile automobile applications.
The cybercriminals could have followed a multi-step process to obtain these details. These hackers could have loaded bots with login credentials stolen from various websites.
This technique exploits many users’ common habit of password reuse across different platforms. One of the bots could have successfully breached an account, which allowed the hackers to systematically gather necessary information and transmit it to their servers, completing the ATO phase of the operation.
These campaigns that affect the most prominent companies worldwide will have a massive impact if not appropriately addressed. The threat actors who acquired the stolen information will likely sell it or use it for future attacks that could compromise numerous individuals.
Therefore, every relevant individual who could suffer the consequences should remain vigilant and apply proper cybersecurity hygiene. Everyone should be careful in accessing emails, especially related ones since the companies affected by the attack are still unknown.
