From smart speakers to connected automobiles, the Internet of Things (IoT) has become a primary target for cybercriminals. Security researchers discovered that hackers are targeting internet-connected Gas Stations to launch IoT-based cyber-attacks.
Researchers at Trend Micro discovered that internet-connected Gas Pumps are vulnerable to IoT-based attacks. In its recent report, the Internet of Things in the Cybercrime Underground, Trend Micro described how the Russian hackers are benefited from the Russian government’s new directive, which mandates to replace all electricity meters in the country with smart meters.
Trend Micro stated that it surveyed in dark web marketplaces in English, Spanish, Russian, Portuguese, and Arabic languages.
According to the researchers, hackers in Russian dark web forums are requesting information on how to exploit smart meters. Some hackers are even selling altered smart meters in the underground market forums. Researchers also revealed that they’ve seen tutorials on gas pump hacking in Portuguese language forums, including step-by-step procedures on how to hack connected meters.
“Users in the Russian underground are interested to know the latest news about IoT attacks sourced from the information security world. The money-driven criminals make up a market thriving with exploits for routers, customized firmware for smart meters, talks of hacking gas pumps, and router-based botnets for sale. There is a variety of conversations taking place around devices, including fewer common platforms. Most of these talks have a monetization angle. In general, a Russian underground is a place for business where hacking and technical information is mere details,” researchers said in a statement.
“The Portuguese-speaking criminal underground is composed of web forums mostly populated by Brazilian users. These users also connect through some other private chat rooms, for example, Telegram, WhatsApp, and Discord. We saw requests for information and hacking tutorials. But the most interesting ads we saw are those for services that use infected routers and similar devices as the basis for further criminal services. This is the case for “KL DNS,” which is a kind of service sold on Brazilian forums to perform fool proof phishing campaigns combined with DNS redirection and, in some cases, SMS spamming,” the statement added.
