Threat actor leaks Mercedes-Benz platform’s source code
The leaker claims the data includes Mercedes-Benz's 'critical infrastructure' platform and Beijing Benz Automotive API system.
One of the archives posted on October 25 contains a system the threat actor claims to be Mercedes-Benz's 'management sales platform.' Mercedes-Benz is a car brand owned by the German manufacturer Daimler AG.
CyberNews researchers noted that the leaked system appears to be used by the Mercedes-Benz team, as indicated by hardcoded links with the brand's name.
The comments and output messages in the leaked code are composed in Chinese and English, indicating the leak likely concerns a China-based division of the German automaker.
The second part of the leak contains code written in java that appears to be still in development, as evident by code class names such as 'MyDemoTask' and comments like 'here write the execution logic of the timing task.'
The unfinished code also has comments in Chinese. Since the leaker claims the uploaded data belongs to Beijing Benz Automotive, we assume the origin of the code was likely meant to be used in China by Beijing Benz Automotive. The company is a joint venture between BAIC Motor, a Chinese car manufacturer, and Daimler AG.
Sample screenshot from the leaked archive:
The source code in the second part of the leak contains job sequence codes, email sending tasks, a few exceptions with hardcoded serial version UID values, and basic functionality comments.
Our researchers indicate that the code is still in development and unlikely to be in use. Some lines of the code have hardcoded credentials that do not appear to be directly related to either Daimler AG or BAIC Motor.
The threat actor claims to have acquired the information from a SonarQube server. The leak was posted by the same user who recently shared the source code to Bosch iSite platform. The leaker claims to have acquired the Bosch source code by exploiting a SonarQube zero-day vulnerability.
Since the leak was made freely available to anyone, we assume that multiple members of the hacker forum, many of whom are likely to be cybercriminals, were able to download and access the data since it's been published.
For organizations that wish to avoid becoming victims of cyber crime groups, here are a few basic precautions to have in mind:
To see if any of your online accounts were exposed in previous security breaches, use our personal data leak checker with a library of 15+ billion breached records.
More from CyberNews
Subscribe to our newsletter