Nissan source code leaked online
In the beginning of January (Jan. 4), it was reported that source code of mobile apps and internal tools developed and used by Nissan North America was circulating the Internet. Apparently, the data have been shared on Telegram channels and different forums for hackers in the form of torrent links.
The reason of the online leakage was a misconfiguration of one of the automaker’s Bitbucket Git servers, as its default username/password was set to admin/admin. Accordingly, the Git repository contained the source code of:
• Nissan NA Mobile apps
• some parts of the Nissan ASIST diagnostics tool
• the Dealer Business Systems/Dealer Portal
• Nissan internal core mobile library
• Nissan/Infiniti NCAR/ICAR services
• client acquisition and retention tools
• sale/market research tools + data
• various marketing tools
• the vehicle logistics portal
• vehicle connected services/Nissan connect things
• and various other backends and internal tools
A Nissan spokesman has confirmed the incident and, in a response for a comment, said:
“Nissan conducted an immediate investigation regarding improper access to proprietary company source code. We take this matter seriously and are confident that no personal data from consumers, dealers or employees was accessible with this security incident. The affected system has been secured, and we are confident that there is no information in the exposed source code that would put consumers or their vehicles at risk.”
The Git server has been taken offline by Nissan, according to ZDNet.
Written by Joakim Rosell
The fifth-generation (5G) network is rapidly deployed around the world, after which artificial intelligence-enabled next-generation (6G) will be in line with the future evolution of network intelligentization . Proceedings of the IEEE's invited paper "Future...
Earlier this year in an AutoSec Newsletter it was reported that source code of mobile apps and internal tools developed and used by Nissan North America was circulating the Internet. The data had been shared on Telegram channels and different forums for hackers in the...
Tracker Network (UK) Ltd is a company that provides vehicle systems used for recovering stolen vehicles in the UK, and its stolen vehicle systems operate in all 52 police forces in UK. Tracker’s tracking solution combines GSM, VHF and GPS which available localisation...