Ex-Car Salesman Remotely Disables 100 Cars
On Wednesday police in Austin, Texas arrested a 20-year old man on suspicion of remotely disabling more than 100 vehicles sold through his former place of employment, Texas Auto Center.
Wired reports that more 100 drivers in Austin had their cars disabled or had their car horns start to honk uncontrollably after an intruder ran amok in a web-based vehicle-immobilization system used by Texas Auto Center.
Webteck Plus, offered by a company called Pay Technologies, is used to remind customers who are late on their car payments that they're falling behind. A small black box is installed under the dashboard and it responds to commands issued from a central website.
When 20-year-old Omar Ramos-Lopez was laid off, he allegedly broke into the system and disabled or tampered with over 100 cars sold through his employer's dealerships.
"We initially dismissed it as mechanical failure," Texas Auto Center manager Martin Garcia said. "We started having a rash of up to a hundred customers at one time complaining. Some customers complained of the horns going off in the middle of the night. The only option they had was to remove the battery."
The problems stopped once the system was reset and all the passwords changed, however, IP logs from PayTeck traced the breach to one Ramos-Lopez’s AT&T internet service. The ex-employee accessed the system through another employees account and began tampering with and disabling vehicles via specific name searches. Once Ramos-Lopez realized he could pull up a list of all the cars equipped with the technology (more than 1,000), he began going down the list, disabling cars in alphabetical order.
The 20-year-old faces computer intrusion charges for gaining unauthorized access to the system.
- Google, Intel and Sony Team Up for Google TV
- Streetlight Collects Sun Power to Light the Night
- Infinity Iron: The Future of Wrinkle-Free?
- Windows Phone 7 Won't Have Copy & Paste [UPD]
- USB Storage Confirmed on Xbox 360
- Xbox 360 'Slim' CPU/GPU, Motherboard Leaked?
- BrainPort Allows Blind Man to See With His Tongue
- Microsoft On Windows Phone 7 Minimum Specs
- Twitter CEO: Stop All That Twittering
- VIDEO: Sony's First Move Ad Rags on Competition
- The 20 Cell Phones Giving Off the Most Radiation
- Professor Uses RPG-like Exp Rather Than Grades
- Password-Stealing Virus Targeting Facebook Users
- USB-Based Mass Storage Coming to Xbox 360
- Internet Explorer 9 Will Never Work on XP
- Google: Viacom Secretly Uploaded to YouTube
- 24Hrs of Video Uploaded to YouTube Every Minute
- Google's Nexus One Now Ready for AT&T, Rogers
Doh
hum.. if that guys had been working for Toyota they would have promoted him. think about it, he could have stopped those car from accelerating
(jk)
He obviously was not behind 7 proxies...
fail
Disgruntled idiot.
Did he REALLY think that he can't be traced back?
And why take the vandalism to customers?
Jail time!
What a shitty system that gives employees direct access/logins to disable 100s of customer cars.. What if they were driving on the freeway? I smell a lawsuit. This should be done on a VPN and only give access to management to disable a vehicle. I work for Mercedes and you need an actual police report before they will even attempt to give the location of a stolen vehicle. Yikes.
Yeah, and are the customers aware that they are buying cars with a backdoor lo-jack installed? I would be pretty damn pissed if I found out my vehicle had crap like this installed without my knowledge and consent.
So after I am done paying for the car does that mean they still have access to my car. Or do they remove the drm? I mean the black box. Sorry thought I was talking about assasins creed there. /end sarcasm
Sounds like a plot for a Hollywood movie.
lol ... automotive drm ..... ubisoft pay attention you need to fail even harder to keep up with these gays ...
Proxies...
Fail.
This is why I prefer vintage cars since they WORK and don't have any of this crap in them. Bad day when this crap happens and you really need to get some ware.
This is why you never share your password. All the security measures in the world can be compromised by a user with a crappy password or giving it out to a friend.
From Webtek Plus's point of view, there really is nothing they can lock down more to avoid this in the future. They already had the fired user's name blocked.
Way to go on ruining your salesmanship career.
Oh and also...
Jail for you.
He obviously was not behind 7 proxies...fail
Yep, he obviously wasn't!
But you don't even need to go that far and take a small chance they'll still track you back. I would just go to any public hot spot, of which they are plenty now, and use my laptop over there. Also, wear something that would not make you easily identifiable in case there are security cameras.
And yeah, using your own personal internet account for that (or one that can be easily linked to you) was a really dumb idea.
tethoma,
Not true, Like I said that system should be on a VPN and should only be accessible to management. I cannot access any of our web apps or customer information from my house.
Funny that they see the need to have the system at all, if you are ignoring the letters/calls telling you to pay up... are you really going to pay if they disable your car?
Someone once asked me why I thought it was a horrible idea to put a remote digital kill switch in vehicles.
/argument
Any abuse to a system that shouldn't exist in the first place gets my approval. Especially when some other jerk is willing to take the fall for it. Thanks dood!
"The car must be connected to the internet for it to run"
"The car must be connected to the internet for it to run"
What are you talking about?
What are you talking about?
It's a play on DRM.
I'm surprised this has not happened earlier because the people that work at these dealers are crooks literally many of them have records.
lol what the hell was he thinking. then again, who thinks before doing anything nowadays?
Disgruntled idiot.Did he REALLY think that he can't be traced back?And why take the vandalism to customers?Jail time!
Indeed, wifi hotspot FTW eh?
Sounds like a plot for a Hollywood movie.
Haha, that would be fantastic, hopefully they can have the left 4 dead team come up with a cool/yet cheesy slogan for the movie poster
"The car must be connected to the internet for it to run"
If it gets disconnected while you're out shopping, your car will have returned back home
Yeah, and are the customers aware that they are buying cars with a backdoor lo-jack installed? I would be pretty damn pissed if I found out my vehicle had crap like this installed without my knowledge and consent.
Companies that "protect" their businesses with questionable practices are more widely spread than you would think. The thing is that it's completely legal because the buyer purchasing the vehicle is completely aware of it. The people buying from places like this have a very poor credit record and are considered high risk and could not get financing elsewhere. The company selling the vehicle retains complete control until you have finished paying double what the car is worth at the incredibly high rip off interest rate. It's called the screwed if you do, screwed if you don't business model.
Umm.. this system is used for people who OTHERWISE CAN NOT GET LOANS due to credit issues, and is PART OF THE CONTRACT. Not to mention it is a BLACK BOX sitting on the dashboard and cannot disable a MOVING VEHICLE.
So yeah, the guy should go to jail, but dont lose too many tears about the people with the cars. Without this service they probably would be on a bus.
That's sort of funny but uncool at the same time...
What a shitty system that gives employees direct access/logins to disable 100s of customer cars.. What if they were driving on the freeway? I smell a lawsuit.
I know a little about that system because I know someone who bought one of those cars and didn't make a couple payments on time. They disable starting the engine, they do not turn off a car that's already running. The seller ACCIDENTLY shut the WRONG car off one time when this person was parked at the gas station...
Umm.. this system is used for people who OTHERWISE CAN NOT GET LOANS due to credit issues, and is PART OF THE CONTRACT. Not to mention it is a BLACK BOX sitting on the dashboard and cannot disable a MOVING VEHICLE.So yeah, the guy should go to jail, but dont lose too many tears about the people with the cars. Without this service they probably would be on a bus.
Double? This girl I know just started payments for a car from one of these guys at $5,000. It's a 2002 Pontiac subcompact with 160k miles...worth about $1500 on the open market.
And there are no busses here.