Two Russians indicted for hacking JFK taxi dispatch system The Register

For a period of two years between September 2019 and September 2021, two Americans and two Russians allegedly compromising the taxi dispatch system at John F. Kennedy International Airport in New York to sell cabbies a place at the front of the dispatch line. The two Russian nationals, Aleksandr Derebenetc and Kirill Shipulin, were indicted by a grand jury for conspiring to commit computer intrusions, the US Justice Department said on Tuesday. In early October, the two American nationals, Daniel Abayev and Peter Leyman, who were indicted last year, pleaded guilty, each to one count of conspiring to commit computer intrusions. "As alleged in the indictment, these four defendants conspired to hack into the taxi dispatch system at JFK airport," said US Attorney Damian Williams in a statement. "Cyber hacking can pose grave threats to infrastructure systems that we rely on every day, and our Office is dedicated to pursuing criminal hackers, whether they be in Russia or here in New York.". The scheme represented an attempt to monetize the demand among taxi drivers for lucrative airport fares - the current flat rate for JFK to Manhattan is $70 plus additional charges. As described in the indictment, taxi drivers are required to wait in a holding lot at JFK, often for several hours, before being dispatched in the order of their arrival to airport terminals. Because time spent waiting in line is not paid, drivers have a financial incentive to avoid waiting in line. The conspirators allegedly developed a plan to hack the dispatch system around September 2019. The indictment [PDF] describes several approaches that were tried, "Including bribing someone to insert a flash drive containing malware into computers connected to the dispatch system, obtaining unauthorized access to the dispatch system via a Wi-Fi connect, and stealing computer tablets connected to the dispatch system." The government's filing suggests that the group gained and lost access to the dispatch system several times. When they did have access, the alleged conspirators offered to move drivers to the front of the dispatch queue for a $10 fee, and waived the fee for those who found other drivers willing to pay to play. According to the Justice Department, the group booked 2,463 queue cuts in a single week around December 2019. The scheme allegedly enabled as many as 1,000 trips per day that skipped the queue at JFK. "The significant charges in this alleged hacking conspiracy show that the Port Authority takes seriously our obligation to safe and equitable operations across our facilities," said Port Authority Inspector General John Gay in a statement. "As alleged, this brazen scheme corrupted a system that hard-working taxi drivers rely on to earn a living, all so the defendants could make some extra cash." The American conspirators are said to have collected the money from participating drivers and to have sent payments to the alleged Russian conspirators, describing the money transfers as "Payment for software development" or "Payment for services rendered." The indictment indicates that the Russians received more than $100,000 for their work. If apprehended - which appears unlikely given current US relations with Russia - the Russians face charges that carry a maximum sentence of ten years in prison. Abayev and Leyman each face up to five years in prison. They're scheduled to be sentenced early next year.

This Cyber News was published on www.theregister.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Two Russians indicted for hacking JFK taxi dispatch system The Register

Two Russians indicted for hacking JFK taxi dispatch system The Register - For a period of two years between September 2019 and September 2021, two Americans and two Russians allegedly compromising the taxi dispatch system at John F. Kennedy International Airport in New York to sell cabbies a place at the front of the ...
10 months ago Theregister.com
JFK Airport Taxi Hackers Sentenced to Prison - Two cab drivers accused of being involved in a hacking scheme targeting the taxi dispatch system at John F. Kennedy International Airport have been sentenced to prison, the US Justice Department announced on Monday. The individuals are Daniel Abayev, ...
7 months ago Packetstormsecurity.com
Encouraging Ethical Hacking Skills in Students - This article delves into the significance of encouraging ethical hacking skills in students and the numerous benefits it offers to individuals and society as a whole. Possessing ethical hacking skills can provide students with a competitive advantage ...
9 months ago Securityzap.com
CVE-2021-47552 - In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() For avoiding to slow down queue destroy, we don't call blk_mq_quiesce_queue() in blk_cleanup_queue(), ...
4 months ago Tenable.com
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
3 months ago Securityweek.com
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
CVE-2023-52780 - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm ...
4 months ago Tenable.com
Update your white hat hacking skills with $70 off this training bundle - Ethical hacking is a useful skill set not just for cybersecurity experts, but for every IT worker. The Ultimate 2020 White Hat Hacker Certification Bundle provides 10 detailed courses to get you up to speed on using hacking skills for positive ends. ...
9 months ago Bleepingcomputer.com
Dutch hacker jailed for extortion, selling stolen data on RaidForums - A former Dutch cybersecurity professional was sentenced to four years in prison after being found guilty of hacking and blackmailing more than a dozen companies in the Netherlands and worldwide. The suspect, a 21-year-old man from Zandvoort named ...
10 months ago Bleepingcomputer.com
Duo Jailed for Hacking JFK Taxi Dispatch System - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
7 months ago Hackread.com
"Do Not Push To Production" And Other Insecure Code, Demonstrated By An Ethical Hacker - Viewers got to see some interesting vulnerabilities and coding practices that made her demo app pretty open to exploits. A friend of mine published a book about it over 25 years ago, called The Happy Hacker. If you're hacking without permission, no ...
10 months ago Securityboulevard.com
Understanding Mobile Network Hacking: Risks, Methods, and Safeguarding Measures - In an era dominated by mobile connectivity, the security of mobile networks has become a critical concern. Mobile network hacking refers to unauthorized access and manipulation of mobile communication systems, posing significant risks to individuals ...
10 months ago Cybersecurity-insiders.com
Syrian Threat Group Peddles Destructive SilverRAT - The group behind a sophisticated remote access Trojan, SilverRAT, has links to both Turkey and Syria and plans to release an updated version of the tool to allow control over compromised Windows systems and Android devices. According to a threat ...
9 months ago Darkreading.com
CVE-2023-40171 - Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in error message when the `Dispatch Plugin - Basic Authentication Provider` plugin encounters an error when ...
1 year ago
Chinese hacking documents offer glimpse into state surveillance - Chinese police are investigating an unauthorized and highly unusual online dump of documents from a private security contractor linked to the nation's top policing agency and other parts of its government - a trove that catalogs apparent hacking ...
7 months ago Apnews.com
Learn Cybersecurity Skills From Scratch for Just $30 Through January 1 - Save on tech services or switch to a lucrative new tech career in 2024 by training at your own pace to develop high-demand cybersecurity skills. On sale from 12/26 through 1/1. We may be compensated by vendors who appear on this page through methods ...
9 months ago Techrepublic.com
China's Dogged Campaign to Portray Itself as Victim of US Hacking - For more than two years, China's government has been attempting to portray the US as indulging in the same kind of cyber espionage and intrusion activities as the latter has accused of carrying out over the past several years. A recent examination of ...
7 months ago Darkreading.com
CVE-2021-41129 - Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authentication process to reference a cache value not ...
10 months ago
CVE-2024-26706 - In the Linux kernel, the following vulnerability has been resolved: parisc: Fix random data corruption from exception handler The current exception handler implementation, which assists when accessing user space memory, may exhibit random data ...
6 months ago Tenable.com
IBM Heron Quantum Chip, Quantum System Two - Next generation quantum processor dubbed 'Heron', and the modular IBM Quantum System Two unveiled by Big Blue. IBM has unveiled two new quantum developments, with a new series of utility-scale processors housed within a modular quantum system. At its ...
10 months ago Silicon.co.uk
Grab 9 Ethical Hacking Courses for $25 and Improve Your Business Security - TL;DR: If you want to improve your knowledge of cybersecurity, The All-in-One Ethical Hacking & Penetration Testing Bundle is available for $24.97. Cybersecurity is a growing industry, projected to be worth $424.97 billion by 2030. Even if you don't ...
9 months ago Techrepublic.com
Alleged ShinyHunters Hacker Pleads Not Guilty After US Extradition - The ShinyHunters group is known for some of the largest data breaches in 2021-2022, in which the personal data of hundreds of millions of users was leaked on the now-seized Raidforums. In July 2022, HackRead.com reported on Sebastian Raoult, an ...
1 year ago Hackread.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)