The reputed Vietnamese APT group OceanLotus is believed responsible for recently hacking into the networks of German car manufacturer BMW, as well as South Korea’s Hyundai, presumably to spy on their automotive trade secrets.
German broadcaster Bayerricscher Rundfunk, which broke the story, reported (in an article translated into English) that BMW caught the intrusion early and chose to monitor the digital invaders’ activity before ultimately expelling them two weekends ago. Sensitive data would not have leaked, an unidentified IT security expert told the news organization, and BMW’s central data center remained untouched.
As part of their scheme, the hackers reportedly created a fake website that appeared to represent BMW’s branch in Thailand and another phone site impersonating Hyundai. They also reportedly infected BMW with Cobalt Strike, a commercial penetration testing tool that it historically has abused as a malicious tool.
BMW reportedly declined to provide Bayerricscher Rundfunk with comment on the specific case, but said “We ..
Support the originator by clicking the read the rest link below.
