San Francisco: Malicious hackers can remotely turn off the lights, honk the horn, open the trunk, and activate the windshield wipers by hacking into the Tesla’s infotainment system, the media reported.
The researchers, who work for France-based security firm Synacktiv, discovered the three vulnerabilities that can be used to hack into Tesla.
The worst-case scenario enabled by these vulnerabilities, at least as far as the researchers are aware, is to annoy and potentially disrupt a driver, reports TechCrunch.
However, Tesla told the researchers that they couldn’t have turned on and off the car, or steered the wheel.
But, one of the researchers, Eloi Benoist-Vanderbeken, believes it might have been possible, said the report.
“Tesla mentioned we wouldn’t be able to turn the steering wheel, accelerate or brake. But from our understanding of the car architecture we are not sure that this is correct, but we don’t have proof of it,” Vanderbeken was quoted as saying.
The researchers didn’t have full access to a Tesla at that time, but they look forward to fact-checking the company’s statements once they do.
Moreover, the report mentioned that the first vulnerability was exploitable via Bluetooth, the second one allowed the researchers to elevate their privileges and become root (cybersecurity lingo for the highest level of system access — giving them free rein to execute code in the infotainment system), and the last one gave them control of the security gateway, a component that sends some commands to the car.
“It’s not at the point of a modern browser running on an iPhone or an Android, but it’s not that far from it. Tesla cars are really well connected to the internet, so they need to take care of security because they are likely to be targeted more than other cars,” Vincent Dehors, Cyber Security Engineer, Synacktiv, was quoted as saying.
Further, the researchers mentioned that Tesla is working on patches for these vulnerabilities, which should be pushed to cars soon, according to the report.
Last month, Tesla paused the rollout of its Full Self-Driving (FSD) beta software in the US and Canada until a firmware update can be issued to address a safety recall.
“Tesla has issued a voluntary recall on certain Model S, Model 3, Model X and Model Y vehicles that have installed or are pending installation of software that contains the Full Self-Driving (FSD) Beta feature,” Tesla wrote on the support page.
Kolkata: The official Twitter account of the Trinamool Congress has been hacked, with the picture and logo of the handle changed.
The party’s national spokesman and Rajya Sabha member Derek O’Brien has confirmed the development and claimed that communications are being made with the Twitter authorities to bring the handle back to its original format.
In the hacked handle the name has been changed to “Yuga Labs” and the original party logo has been replaced by a symbolic picture combining the letters “Y” and “L”.
The “blue tick”, however, is still there.
Party sources said that the matter came to the notice of the leaders early Tuesday morning and they doubt that the hacking incident took place on late Monday night.
“The Twitter authorities have contacted and they have assured us of giving back the party’s official Twitter handle the original looks at the earliest,” a party leader said.
However, despite being hacked no derogatory comment slamming the party has been posted through this Twitter handle.
The last tweet posted by the handle at 9.01 p.m. on Monday night, read: “#DidirSurkshaKawach is a mammoth effort at securing basic sustenance for every resident in Bengal, irrespective of age, gender, caste or religion, to achieve state-wide inclusive- growth & expand welfare cover, Didir Doots is generating awareness across households.”
Party sources said that besides informing the Twitter authorities about the development, the leadership might also file an official complaint with the cybercrime division of the Kolkata Police.
An Israeli disinformation specialist hired to run covert dirty tricks campaigns in African elections hacked political advisers close to Kenya’s president, William Ruto, in the run-up to last year’s election, an investigation can reveal.
The interference did not prevent Ruto winning the poll, nor the peaceful transfer of power in Kenya, but the revelation highlights the growing risks posed by the involvement of bad actors and paid operatives in the relatively new democratic systems and institutions across Africa.
Tal Hanan, a self-described “chairman” of “Team Jorge”, an Israeli operation run from an industrial park 20 miles north of Tel Aviv, boasted to undercover reporters that he was able to disrupt elections through black ops and disinformation services.
Days before Kenya’s 2022 election, he gave a demonstration of his capabilities, showing how he could use hacking techniques to infiltrate the messages of political advisers.
Hanan’s operations were exposed on Wednesday by the Guardian and an international consortium of reporters led by the French nonprofit Forbidden Stories. In a statement about the investigation, Hanan said: “I deny any wrongdoing.”
Quick Guide
About this investigative series
Show
The Guardian and Observer have partnered with an international consortium of reporters to investigate global disinformation. Our project, Disinfo black ops, is exposing how false information is deliberately spread by powerful states and private operatives who sell their covert services to political campaigns, companies and wealthy individuals. It also reveals how inconvenient truths can be erased from the internet by those who are rich enough to pay.The investigation is part of Story killers, a collaboration led by Forbidden Stories, a French nonprofit whose mission is to pursue the work of assassinated, threatened or jailed reporters.
The eight-month investigation was inspired by the work of Gauri Lankesh, a 55-year-old journalist who was shot dead outside her Bengaluru home in 2017. Hours before she was murdered, Lankesh had been putting the finishing touches on an article called In the Age of False News, which examined how so-called lie factories online were spreading disinformation in India. In the final line of the article, which was published after her death, Lankesh wrote: “I want to salute all those who expose fake news. I wish there were more of them.”
The Story killers consortium includes more than 100 journalists from 30 media outlets including Haaretz, Le Monde, Radio France, Der Spiegel, Paper Trail Media, Die Zeit, TheMarker and the OCCRP. Read more about this project.
Investigative journalism like this is vital for our democracy. Please consider supporting it today.
During his meetings with undercover reporters, Hanan never explicitly confirmed he had been hired to work in Kenya and, if so, who his client might be. However, when demonstrating Team Jorge’s capabilities to the journalists, who were posing as prospective clients, Hanan appeared to show them “live” demonstrations of hacks targeting three aides close to Ruto, who was a presidential candidate at the time.
One involved an apparent infiltrationof Gmail; the other two involved Telegram accounts.
“So just to give you an example, it’s in the news in recent days, we are now … involved in one … elections [sic] and … in Africa,” Hanan told the reporters on 25 July last year. The vote in Kenya took place on 9 August.
Tal Hanan, the leader of Team Jorge, a hacking and disinformation unit. Photograph: Haaretz/TheMarker/Radio France
During the same meeting, Hanan claimed to have “completed 33 different campaigns, presidential-level campaigns” and suggested a significant proportion of these were in Africa.
The demonstration by Hanan raises questions about whether his meddling in the Kenyan election was more widespread than the brief examples shown to the undercover reporters. There is no evidence of who may have been behind any interference or that the political advisers were aware of the hacks.
Get in touch
Hanan, a 50-year-old former explosives specialist in Israel’s military, showed how, once he had gained access to an account, Team Jorge could send messages without the user’s knowledge or consent. His aim was often “to create confusion” during a campaign, he said, explaining that “the biggest thing is to put sticks between the right people”.
One Telegram account Hanan infiltrated before the Kenyan election belonged to a strategist who isnow an aide to the president. Scrolling through the Telegram account and personal chats during a demonstration to the undercover reporters, Hanan showed how, once the hackers had access to accounts, they could send messages to their contacts.
To illustrate this, he sent an oblique message – the number 11 – before deleting it.
Hanan showed how, once the hackers had access to accounts, they could send messages to their contacts. Photograph: Telegram
However, Hanan made a critical mistake and did not fully delete the message. An examination of the recipient’s phone confirmed the falsified message was received. Hanan also seemed to search the files of the hacking victim, appearing to retrieve internal polling data related to the forthcoming election.
In other demonstrations, he appeared to enter the Gmail account and the Telegram account of two other close advisers to Ruto. It is unclear which of these tactics, if any, Hanan deployed in the Kenyan election and what their effect may have been.
Google, which runs the Gmail service, declined to comment.
Telegram said: “Accounts on any massively popular social media network or messaging app can be vulnerable to hacking or impersonation unless users follow security recommendations and take proper precautions to keep their accounts secure.”
Quick Guide
The undercover footage
Show
What is this undercover footage?
Disinformation operatives work under the radar. To find out more about ‘Team Jorge’, an Israel-based unit selling hacking and social media manipulation services, three journalists went undercover. They posed as consultants, working on behalf of a client in a politically unstable African country who wanted to delay a forthcoming election. The reporters secretly filmed several meetings with the group’s leader, Tal Hanan, who uses the alias ‘Jorge’, and his associates between July 2022 and December 2022.
Who is in the footage?
The footage captures Hanan, as well as his brother, Zohar Hanan, and other associates of Team Jorge. Faces of reporters have been blurred. The meetings took place on video calls, when Hanan and his colleagues gave slideshow demonstrations of their services, and in person, at Team Jorge’s office in an industrial park 20 miles outside Tel Aviv.
Who did the secret filming?
It was secretly filmed by three reporters from media outlets working in a consortium investigating disinformation: Gur Megiddo (TheMarker), Frédéric Métézeau (Radio France) and Omer Benjakob (Haaretz). The video was then shared with more than 25 other media outlets in the consortium, including the Guardian and Observer. While the Guardian and Observer were not involved in the undercover filming, they are publishing the material because of the strong public interest justifications for doing so.
What is Team Jorge’s response?
Tal Hanan did not provide a detailed response to questions from the Guardian. He said: ‘To be clear, I do deny any wrongdoing.’
Hanan’s presentation to the undercover journalists underlines how an international cast of “consultants” has exploited growing social media use and internet penetration in Africa to manipulate and interfere with democratic processes in strategically important countries.
In recent years, dozens of polls across the continent have been marred by allegations that political actors have hired foreign companies to provide a variety of services, from legitimate polling and public relations work to voter suppression.
Documents leaked to the Guardian confirm Team Jorge was involved in the 2015 elections in Nigeria. An analysis of thousands of bots associated with his disinformation software also suggests the team was involved in spreading disinformation in the 2019 presidential election in Senegal.
Hanan also showed the undercover reporters screenshots that suggested he could access the email inboxes of senior government officials elsewhere on the continent, and described employees posing as journalists to gather useful information during election campaigns in Africa.
Though both sides in the 2022 poll in Kenya were accused of manipulation, disinformation and dirty tricks, the elections in the east African country were seen as a significant achievement for its democratic institutions and important for reinforcing regional stability.
Election observers described the most recent poll as “largely peaceful and transparent”. Previous elections in Kenya have been marred by widespread violence. In 2007, polls triggered a crisis and led to more than 1,000 deaths.
Raila Odinga, the veteran politician whose Azimio la Umoja coalition lost the 2022 election by less than 2%, has repeatedly claimed the results of the poll were fraudulent. Kenya’s supreme court rejected his allegations and said they were based on “falsified evidence” in a judgment in September. Independent analysts have also said the claims are unfounded.
Odinga continues to claim the poll was rigged, citing statements by an unidentified former election commission official and a dossier that is still causing controversy in Kenya. He did not respond to requests for comment.
[ad_2]
#Political #aides #hacked #Team #Jorge #runup #Kenyan #election
( With inputs from : www.theguardian.com )
Hyderabad: In a sensational incident, a man was hacked to death at Nawab Saheb Kunta area under Falaknuma police station limits.
Ayaz (30) was waylaid by unknown assailants near Mustafa Masjid at Falaknuma after he was on his way to deliver a load of live stock chicken.
The local eyewitness said that the assailants first sprinkled red chili powder into the eyes of Ayaz and suddenly pounced over him. He was attacked by sharp-edged weapons.
During the attack, Ayaz died on the spot and a team of Falaknuma police along with the CLUES team reached the crime scene, later the dead body was shifted to the Osmania morgue.
Initial investigation by the police revealed that the deceased had a criminal record and was involved in a murder case. Police suspect the murder might have been carried out to avenge the other murder.
A murder case has been booked and investigation is underway by the police.
The screenshot of the hacked TSRTC MD’s account (Image: Siasat).
Hyderabad: Hackers took control of the Twitter account of Telangana State Road Transport Corporation’s (TSRTC) managing director on Monday. The account was mostly hacked into by cyptocurrency hackers, as a tweet related to crypto cash retweeted by the account.
After the incident, the TSRTC md VC Sajjanar issued a media statement confirming the same. Below is the tweet that was retweeted by the hacked TSRTC MD’s account:
I became a millionaire today! Haha j/k. Those are apes I sold after sweeping the floor the past two weeks (didn’t work out after the market went down from Wednesday’s mint news). https://t.co/LoRV1XTZ3f
“On 22.01.2023 at 21:30hrs official Twitter account of TSRTC MD (@tsrtcmdoffice) was compromised. This unfortunate incident happened despite all safety measures. We do not endorse any tweets from our handle. We are working with Twitter Support to resolve the issue,” said the statement from TSRTC MD Sajjanar.
On the same day, the Twitter account of the Andhra Pradesh Director General of Police was hacked on Monday, and hackers posted an obscene photograph on it.
Deputy Inspector General P.H.D. Ramakrishna said that the account was created in 2019 and it was inoperative since February 2020. The account was hacked on Monday by some unknown persons, who posted an objectionable photograph on it.
