Articles Nissan source code leaked due to admin: admin credentials

Nissan source code leaked due to admin: admin credentials

-

The source code of mobile applications and internal tools of the North American division of Nissan has been leaked to the network. The leak occurred due to the fact that the specialists of the automaker incorrectly configured one of their Git servers.

The first incident was highlighted by Swiss developer and researcher Tillie Kottmann. He wrote on Twitter (the account is now locked) that the Nissan server was not configured correctly, and the default combination was used for the login and password, that is, admin: admin.

Kottmann himself learned about the leak from an anonymous source and analyzed the data belonging to Nissan. According to him, the company’s Git repository contained the source code:

  • Nissan North America mobile applications;
  • some details of the Nissan ASIST diagnostic tool;
  • Dealer Business Systems / Dealer Portal;
  • Nissan’s main internal mobile library;
  • Nissan / Infiniti NCAR / ICAR services;
  • tools for attracting and retaining customers;
  • sales and market research tools + data;
  • various marketing tools;
  • transport logistics portal;
  • car connection services;
  • various other backends and internal tools.

As a result, the problematic server was turned off last week, after torrent links to company data began to circulate on the network, and the leak was also reported on Telegram channels and on hacker forums.

The publication ZDNet writes that Nissan representatives have already confirmed the fact of the leak, but at the same time stressed that the personal information of customers, dealers or employees was not affected. The company also believes that “there was no information in the [leaked] source code that could endanger consumers or their cars.”

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you