BMW & Hyundai Hacked by Vietnamese hackers – Report
News reports from the German media are suggesting that hackers, with alleged links to the Vietnamese government, have hacked BMW & Hyundai networks, the two leading car manufacturers.
Bayerischer Rundfunk (BR) and Taggesschau (TS) claim that the network of a BMW branch was breached by the hackers this spring. A penetration testing toolkit, Cobalt Strike, was installed on infected hosts, which was used to intrude into the compromised network, allegedly.
The reports also allegedly suggest that BMW was aware of this and allowed the hackers to continue their activities and follow their moves. However, their access was curtailed in the last week of November.
TS and BR also claim that Hyundai networks were also breached, but they did not provide any additional information. Both Hyundai and BMW representatives remained unavailable for their comments.
According to TS and BR, hackers are well known for their attacks on the automotive industry. The group, known as Ocean Lotus (or APT32), allegedly carries out attacks at the behest of the Vietnamese government and has been active since 2014.
Since 2017, they have continually targeted the automotive industry. Their initial activities included attacks o hacking foreign organizations in Vietnam and other SEA countries.
In the past, APT32 has been also accused of an attack on Toyota Australia. Experts believe that following China’s activities, the Vietnamese government is making use of hacking groups to steal intellectual property and use it for state-funded corporations.
This strategy was used by China to upsurge its airplane manufacturing sector. According to experts, Vietnam is doing similar activities for boosting its automotive startup VinFast, which is manufacturing cars and has, earlier this year, rolled out its first set of cars.