Far be it from me to pass up an opportunity to talk about a highly intellectual academic study with hints of an inevitable “Dystopian Future” and/or “Zombie Apocalypse” and/or both! But a new research paper was introduced to the public last week by Skanda Vivek of the School of Physics of the Georgia Institute of Technology in Atlanta, Georgia. The paper itself discusses the vulnerabilities effecting most all internet connected cars these days, as well as how these vulnerabilities could theoretically be exploited by hackers or other threat actors in the present and into the future.
Perhaps most interesting though were Vivek’s statistics indicating that a major hack effecting only 10% of all internet connected cars in a city such as New York for example, would be enough to cause gridlock and shut down all transportation across city streets entirely. His full findings were released in a new research paper entitled “Cyber-Physical Risks of Hacked Internet-Connected Vehicles,” presented to an audience of his peers at the 2019 American Physical Society summit in Boston last week. You can browse through and/or download his whole research presentation below – you’re welcome 🤓.
Download Full Research Paper Here: https://arxiv.org/pdf/1903.00059.pdf
Read for Yourself:
On December 17th 2018 “Qurlla,” the original founder of New World Hackers, announced a hack of the website belonging to the International Airport of Atlanta, leading to the leak of approximately 764 passports online. In a press release on Twitter, Qurlla explains how he was able to compromise the airports website via SQL injection through one of the sites web pages, though the specific URL effected and payload delivered were not disclosed to the public.
In statements to Rogue Media Labs, Qurlla explained that he found the vulnerability while “testing the security of the Atlanta Airport.” Explaining how “the website was vulnerable to SQL injection and their WAF wasn’t good enough to prevent the attack.” Adding that he might not have “fully downloaded the file from the database properly though,” but “they never patched the vulnerability, so if I try again to get root access I’d probably deface the site.” Qurlla says that despite tagging the airport in the hack/leak, officials have never responded to or tried to touch base with him about the incident.
One of the most active and influential groups in late 2016 and early 2017, New World Hackers is well known inside various hacking circles. However, after going dark for a brief time it appears as though the group is ready to make a comeback. In fact, when asked this very question, if the group is preparing to make a comeback, Qurlla responded “Yes, we are dumping databases, a variety of accounts and cracking tools. Not to mention social engineering methods to get free products xDD.” New World Hackers officially launched a new website on November 17th 2018, featuring various forums, data dumps/leaks and an online chatroom, access to which you can find here: https://newworldhackers.com
Website Effected: hxxps://www.atl.com/
Passport Database Download (617.57 KB): https://anonfile.com/6fSeW3nfbe/Passport764_pdf
Example of Hacked/Leaked Data: