Informatics, Technology, and Cyber Security

Friday, 27 September 2024

IP Address and Hackers

 

Here is What a Hacker Can Really Do With Your IP Address

Your IP address is valuable information that, when in the wrong hands, can cause some serious damage. If possessed by hackers, they will use all their creativity, skills, and malintent to make your IP address work for them. Here's what a hacker could do to you should they learn your IP address and desire to harm you.

1 Determine Your Physical Location

If a hacker has your IP address, the easiest information for them to find out is the city or region you're located in. While this may be creepy, they won't be able to pinpoint your exact address.


2 Use Your IP for a Social Engineering Attack

Once they have your IP address, they can use a website such as WhatIsMyIPAddress to gain a better understanding of where you're located. A hacker may then be able to use this information to learn more about you, such as what your ISP is. They can then leverage this information to create a more detailed social engineering attack.

3 IP Spoofing

As far as devices on your network and throughout the internet are concerned, you are your IP address. So when an attacker changes an IP packet to use your address instead of their own, they're essentially masquerading around the internet as you.

Hackers most often spoof IP addresses to avoid getting their own IP address blacklisted when doing something malicious, most commonly a distributed denial of service (DDoS) attack. A DDoS attack happens when thousands of requests are sent to a single device to overwhelm it and knock it offline. In order to do this, an attacker needs a botnet, in other words, an army of computers under their control. To mask their own IP address, a hacker will pretend to be you so the attack cannot be traced back to them.

4 Sell Your IP Address

One IP address probably isn't very valuable, but what about thousands of IP addresses?

If you were to go on the dark web right now you'd be able to purchase bundles of thousands of IP addresses. Cybergangs then target these IP addresses by running elaborate social engineering campaigns designed to steal personal data which they can then sell on, you guessed it, the dark web.

A single IP address paired with other identifiable information is also more valuable.

Simply knowing your IP address isn't enough for a hacker to do you harm. It's merely one piece of the puzzle that a hacker must put together in order to harm you.

If a hacker uses a network scanner such as Nmap, they can not only find your IP address but can also learn a wealth of information about your computer. They can learn what operating system you're using, what your computer is doing, and what ports are open. If a hacker sees that you have a vulnerable port, service, or operating system running, they can then design an attack to take advantage of any vulnerabilities they find.

6 DDoS Attack

While unlikely, it's feasible for an attacker who has a botnet under their control to inundate your IP address with requests, thus knocking it offline. This is what's known as a Distributed Denial of Service attack (DDoS).

You probably don't have to worry about this type of attack as it's mostly used to target companies or government websites. That being said, tech-savvy gamers have been known to use DDoS attacks against opponents they've feuded with online. For example, the developer behind the enormous Mirai botnet started life knocking competing Minecraft servers offline.

While these attacks sound scary, chances are a hacker doesn't care much about your IP address. There are plenty of bigger fish surfing the web that they'd rather target.

However, this doesn't mean you shouldn't be safe online. If you want to hide your public IP address, we recommend using a proxy server or a VPN. Doing so will mask your IP address, making it much harder for everyday hackers to find it.

There is also the consideration that knowing an IP address and being able to compromise the network behind that IP address are two different things. While it's best to protect your data, as said, it's unlikely someone will go to the effort of selling a single IP address (unless you've made some serious enemies!). Similarly, while someone could compromise your router and Wi-Fi, that requires more effort and time than just knowing an IP address.

 

 

 

 

Autonomous Car Hacking


 

Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates


Cybersecurity researchers have disclosed a set of now-patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions using only a license plate.

"These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription," security researchers Neiko Rivera, Sam Curry, Justin Rhinehart, and Ian Carroll said.

The issues impact almost all vehicles made after 2013, even letting attackers covertly gain access to sensitive information including the victim's name, phone number, email address, and physical address.

Essentially, this could then be abused by the adversary to add themselves as an "invisible" second user on the car without the owner's knowledge.

The crux of the research is that the issues exploit the Kia dealership infrastructure ("kiaconnect.kdealer[.]com") used for vehicle activations to register for a fake account via an HTTP request and then generate access tokens.

The token is subsequently used in conjunction with another HTTP request to a dealer APIGW endpoint and the vehicle identification number (VIN) of a car to obtain the vehicle owner's name, phone number, and email address.

What's more, the researchers found that it's possible to gain access to a victim's vehicle by issuing as few as four HTTP requests, ultimately executing internet-to-vehicle commands:

  • Generate the dealer token and retrieve the "token" header from the HTTP response using the aforementioned method
  • Fetch victim's email address and phone number
  • Modify owner's previous access using leaked email address and VIN number to add the attacker as the primary account holder
  • Add attacker to victim vehicle by adding an email address under their control as the primary owner of the vehicle, thereby allowing for running arbitrary commands

"From the victim's side, there was no notification that their vehicle had been accessed nor their access permissions modified," the researchers pointed out.

"An attacker could resolve someone's license plate, enter their VIN through the API, then track them passively and send active commands like unlock, start, or honk."


In a hypothetical attack scenario, a bad actor could enter the license plate of a Kia vehicle in a custom dashboard, retrieve the victim's information, and then execute commands on the vehicle after around 30 seconds.

Following responsible disclosure in June 2024, the flaws were addressed by Kia as of August 14, 2024. There is no evidence that these vulnerabilities were ever exploited in the wild.
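The flow described above comes down to an endpoint that trusts any dealer token for any VIN and changes ownership silently. The article does not show Kia's code or say how the fix works, so the following is an added sketch, not the vendor's implementation: every name, token, VIN and the "verified dealer" and "servicing dealer" concepts are hypothetical. It places the token-only pattern next to a handler with an object-level authorization check and an owner notification.

```python
# Constructed in-memory data; every identifier below is hypothetical.
DEALER_TOKENS = {
    "tok-verified": {"dealer_id": "D100", "verified": True},
    "tok-selfreg": {"dealer_id": "D999", "verified": False},  # self-registered
}
VEHICLES = {
    "VIN-SAMPLE-0001": {"owner": "owner@example.com",
                        "servicing_dealer": "D100"},
}
NOTIFICATIONS = []  # (recipient, message) pairs that would be sent out


class Forbidden(Exception):
    """Raised when the caller may not act on the requested vehicle."""


def set_owner_token_only(token, vin, new_owner):
    """Token-only pattern: any known dealer token can act on any VIN."""
    if token not in DEALER_TOKENS:
        raise Forbidden("invalid token")
    VEHICLES[vin]["owner"] = new_owner  # no per-vehicle check, no notice
    return VEHICLES[vin]["owner"]


def set_owner_checked(token, vin, new_owner):
    """Same operation with object-level authorization and a notification."""
    dealer = DEALER_TOKENS.get(token)
    if dealer is None or not dealer["verified"]:
        raise Forbidden("token does not belong to a verified dealer")
    vehicle = VEHICLES.get(vin)
    if vehicle is None or vehicle["servicing_dealer"] != dealer["dealer_id"]:
        raise Forbidden("dealer has no relationship with this vehicle")
    previous_owner = vehicle["owner"]
    vehicle["owner"] = new_owner
    # Tell the previous owner, so a change cannot happen unnoticed.
    NOTIFICATIONS.append(
        (previous_owner,
         f"Ownership of {vin} was changed by dealer {dealer['dealer_id']}"))
    return new_owner


if __name__ == "__main__":
    try:
        set_owner_checked("tok-selfreg", "VIN-SAMPLE-0001", "x@example.com")
    except Forbidden as err:
        print("rejected:", err)
```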

"Cars will continue to have vulnerabilities, because in the same way that Meta could introduce a code change which would allow someone to take over your Facebook account, car manufacturers could do the same for your vehicle," the researchers said.