Thursday, 9 November 2017

An anti-theft system allows attackers to remotely kill the engine of electric scooters made by INOKIM/MyWay; affected model: Quick 3.


Claim: An anti-theft system allows attackers to remotely kill the engine of electric scooters made by INOKIM/MyWay; affected model: Quick 3.




MYWAY/INOKIM created a new model, the Quick 3, which has a new mobile phone app.
The app has an anti-theft system that allows the owner to remotely deactivate the engine in any situation (while moving or while parked), using a Bluetooth connection to the BT module in the electric scooter. It's a feature.

A malicious attacker can use this anti-theft feature to deploy an easy attack and shut down the engine of the scooter, even while the driver is riding it at high speed.
Potential casualties can be injury or death.

The serial number of the scooter (VIN), just like on cars, is shown on the scooter with no physical protection, and that is basically all you need to know in order to deploy an easy attack.
The anti-theft option in the app can be triggered at any time, as long as you have the VIN (Inokim serial number).

Risk: losing control, death, injury, road accidents, etc.





Technical info:
An attacker can use at least two options in order to deploy an attack:

1. VIN and Bluetooth
The VIN, the serial number of the scooter, which is supposed to be secret due to its potential uses, is shown on the scooter as on many cars, so an attacker can take a picture of the scooter frame, or just look at it, and then deploy an attack with a temporary username in the app and verification by the VIN of any scooter out there.





2. Remote control of the victim's mobile phone can allow an attacker to control the phone of the owner/target remotely and then deploy an attack even from another country.

Example: Miracast, Trojan horse, spy software with full control of the phone, TeamViewer, VNC.
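
The design problem behind both options, modeled as an added example (not code from the original post, and not INOKIM's actual protocol): a controller that accepts the frame-printed VIN as its only credential, next to one that requires a key set at pairing, a one-time challenge, and a stationary scooter. The class names, message layout and speed rule are assumptions.

```python
import hashlib
import hmac
import os

def lock_tag(key: bytes, vin: str, nonce: bytes) -> bytes:
    """HMAC over the command, the VIN and the controller's fresh nonce."""
    return hmac.new(key, b"lock|" + vin.encode() + b"|" + nonce, hashlib.sha256).digest()

class VinOnlyController:
    """Models the flaw: the VIN printed on the frame is the only credential."""
    def __init__(self, vin: str):
        self.vin, self.engine_on, self.speed_kmh = vin, True, 0.0

    def lock_engine(self, claimed_vin: str) -> str:
        if claimed_vin != self.vin:          # a public value treated as a secret
            return "bad-auth"
        self.engine_on = False               # no check on who asks or on speed
        return "locked"

class HardenedController:
    """Assumed mitigation: per-owner key set at pairing, nonce, motion interlock."""
    def __init__(self, vin: str, pairing_key: bytes):
        self.vin, self.key = vin, pairing_key
        self.engine_on, self.speed_kmh, self._nonce = True, 0.0, None

    def challenge(self) -> bytes:
        self._nonce = os.urandom(16)         # fresh per request, so replays fail
        return self._nonce

    def lock_engine(self, tag: bytes) -> str:
        nonce, self._nonce = self._nonce, None   # each challenge is single use
        if nonce is None:
            return "no-challenge"
        if not hmac.compare_digest(lock_tag(self.key, self.vin, nonce), tag):
            return "bad-auth"
        if self.speed_kmh > 0:               # never cut power under a rider
            return "refused-moving"
        self.engine_on = False
        return "locked"

if __name__ == "__main__":
    vin, key = "CONSTRUCTED-VIN-0001", os.urandom(32)   # constructed sample values
    weak, hard = VinOnlyController(vin), HardenedController(vin, key)
    weak.speed_kmh = hard.speed_kmh = 25.0
    print("VIN-only, moving:", weak.lock_engine(vin))
    print("VIN as key:", hard.lock_engine(lock_tag(vin.encode(), vin, hard.challenge())))
    print("owner, moving:", hard.lock_engine(lock_tag(key, vin, hard.challenge())))
    hard.speed_kmh = 0.0
    print("owner, parked:", hard.lock_engine(lock_tag(key, vin, hard.challenge())))
```

The motion interlock also covers option 2: a lock command relayed through a remotely controlled owner phone is correctly authenticated, yet is still refused while the scooter is moving.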

Status:
The company didn't answer emails sent on:
29.07.2017
07.10.2017
The National Cyber Security Authority in Israel was notified, and no update has been given regarding proactive changes in the company.

Since the feature is made by design and is supposed to help prevent people from stealing the scooters, it's a logic security problem and not a typical mistake; they knew about it.

P.S.
1. The way I got into the VIN problem is through informers who shared with me their fear of using those scooters, including a live demo they made on their device of how the scooter can be shut down remotely at high speed.

The idea of using Miracast or a Trojan horse and remotely controlling the owner's app is mine.

Since at least 3 other people knew about the problem, before it came to my attention, I decided that I must share it now.

Moreover, my research shows that connected bikes and connected scooters are becoming very popular, so the community must pay more attention to engines with a remote kill switch.

I believe that international ISO should form new working groups regarding those small vehicles; protecting cars only can't cover the immediate situation in the streets. We need to make cyber regulation for the new era of mini connected electric vehicles.

You are welcome to contact me for any request

Sources:


Video of the ECU and BT controller.

Android App


IOS app

User Guide Manual

Amitay Dan (popshark1)




Saturday, 30 September 2017

TeamViewer and Ninebot mini pro by Segway = All Terrain Connected Robots platform


Sometimes we need to create; hacking is part of it.
As some of you realized, I've been testing many use cases of the Segway robot platform recently.

In Israel, UMI is launching these days the new Segway line, including what is called the Segway robot, and the Ninebot Plus.

The revolution is here, and so are the hackers :)

In my opinion, the robots are coming, and we had better join forces, secure them and find something good to do with them.

I have tried using the Segway at a wedding, as a party pal, as a dog trainer, and even tested it for feeding animals, understanding that it will help them hunt again and go back to nature.

I made my robot a navigator for blind people, replacing dogs; it was tested as a carrier in nature, and I had so much fun, mostly.

Some people tried to force me to shut it down; others tried to take it, or just talked to it like a dog.

Actually it's much better than Tinder, since it's a proactive magnet for girls with curiosity, so it's a win-win situation.

I made many people smile and think, many more than those who didn't like it.
In the high-tech area I got a less positive impression than in traditional ones, so basically people in Mea Shearim or Jaffa were mostly much friendlier than the people who are supposed to build our startup nation.

My ritual use is basically shopping; it's so great to have a robot that can carry 100kg.

However, I lost many things because of it, I fell down so many times and felt like going back 25 years, being a super active person with tons of creativity and imagination, so I like it, I like robots, and so many people around.

Some people told me that I'm insane; others said: wow, we want one of these.

These days I'm opening a new platform called RAAS - Robots As A Service.

I think robots can be used as ultimate recon tool for hackers, and red teams worldwide can use them to simulate attacks.

According to my basic tests, Segway was built with security by design, but basically I'm addicted to it so I can't be objective; others will do this job this time.
I can say that having a numbers-only limitation on the password is something that has been seen before in other companies, and this is something to change.

The ability to make a DDoS attack is out there, and having Bluetooth as the connection should be changed to something stronger.

As long as a person is on the device, it's losing most of the abilities to control it, but some options are open.









Segway Robot



 Shopping time


 

First POC of using TeamViewer in lab mode

 


 Using TeamViewer in field operation





A wake up call - Last mile security

Due to my recent findings in a variety of automotive last-mile devices, I think we must wake up and start to secure the new era of transportation.

ISO is missing, there is no regulation and no defense line.
Governments are losing control, and there is no legal way to secure the streets.

People are buying exposed devices with an anti-theft mechanism which is in fact the best Trojan horse, a backdoor.

Others have full control of their bikes, and it's so cool that they don't see the side effect, the new risk.

A simple VIN number is all that is needed for some of the devices, and sometimes it's even shown in the SSID.

I like this revolution, I love robots, but we must do something before it is too late.

This is a black flag.

Some companies made good devices, but the number of wireless conversion kits out there, operated with BMS/RTU/PLC, must be taken care of ASAP.
 
 
Connected scooters
Connected Bike
Connected Robots
Connected OneWheel
Connected Skateboard
Connected Drones

I think the term Internet of Things is totally wrong; the focus should be on any wireless connection: WIFI/BT/BLE/2.4/GSM/GPS/etc.

The internet is not necessarily needed in order to deploy an attack; it's time to protect bikes and scooters.

 









Tuesday, 16 May 2017

Who Targets Me - Track which entities are targeting you with adverts

This project is something to adopt in other countries.
Israel can be one of them.


"During the 2015 general election and 2016 referendum, campaigns spent millions of pounds purchasing highly targeted Facebook adverts. Voters were bombarded with messages tailored to their interests, location, age, gender and more. For the good of our democracy, it's time to throw some light on dark ads."






In the run-up to the general election, the Bureau is investigating how political parties and groups are using targeted advertising on Facebook to try to influence votes.

There has been a huge rise in political advertising on social media, which offers a much bigger audience for a much cheaper price than ads in newspapers or on billboards. A quarter of the last general election's total advertising spend was on Facebook, and social media is thought to have played a significant role in the victories of Donald Trump and the Vote Leave campaign.

The reams of personal information held by Facebook on its users means messages can be individually tailored for people with particular interests, who care about certain issues, or who live in marginal constituencies. The problem is that this type of advertising is in large part not subject to public scrutiny. Only Facebook knows what users are being shown what adverts - and privacy obligations combined with commercial interests mean that information is not publicly accessible.

A new project called Who Targets Me is attempting to address this, by recruiting social media users to share information on what adverts they are seeing. The Bureau’s new data journalism team the Bureau Local will analyze the data collected in an attempt to shed light on an opaque and rapidly growing industry.

The more people who get involved, the more detail we'll get about the scale and detail of the targeted messaging being used. Help us by signing up here - and read our story introducing the project and outlining our initial findings"



Chrome Extension 

Github 

twitter

Tinder's digital siege on the Gaza Strip and the areas beyond the Green Line, and what does it have to do with North Korea?

For my English readers: I've found that the Passport feature, which is part of Tinder Plus services, is not supported in Gaza and behind ...