When your phone pairs with a car’s computer system, the evidence can remain long after the joyride.
That’s what a group of Baltimore thieves may be about to find out. Ars Technica IT Editor Sean Gallagher, who lives in Baltimore, has the story of a car theft that turned into a crowdsourced infosec investigation.
Read the full story
A systems administrator who goes by @BaconIsFruit had his house broken into and his Jeep stolen in November. The car was found after an apparent joyride, but the suspects weren’t. The thieves were caught on a webcam, which led to one of the suspects. Clues about the others didn’t emerge until he got the car back, Ars reports:
It was then that he noticed three new device names on the Jeep’s UConnect system paired device list. Since he happens to work in IT at a Baltimore-based cyber-security firm, he showed a coworker the list—launching an open source intelligence gathering operation to identify more of the culprits.
.@baconisfruit's car gets stolen. Criminal geniuses pair their phones' Bluetooth. #OPSECfail (OSINT @AmazinMojoStarz pic.twitter.com/tAfzCL6aaz
— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) February 11, 2016
One matching name was found on Instagram, and now Baltimore police are now looking into the case.
Maybe the connected car isn’t just a hacking trap after all.
Before you go...
To keep our site paywall-free, we’re launching a campaign to raise $25,000 by the end of the year. We believe information about entrepreneurs and tech should be accessible to everyone and your support helps make that happen, because journalism costs money.
Can we count on you? Your contribution to the Technical.ly Journalism Fund is tax-deductible.
Join our growing Slack community
Join 5,000 tech professionals and entrepreneurs in our community Slack today!
