$3,000 of Gas Stolen from Hacked Pumps in Detroit
Table of Contents
- By Steven
- Published: Oct 03, 2023
- Last Updated: Oct 04, 2023
Detroit is Michigan’s largest city, hosting a population of more than 630,000 people. The area is called “Motor City” for its contributions to the automobile industry in the 1950s. More than 2.8 million cars belong to Detroit residents—and gas prices have reached a $3.72 gallon average. More cars are on the roads than ever before, but the cost of running them is taking its toll. A thief has stolen 800 gallons of gas from a Shell gas station in Detroit, costing just under $3,000 and potentially filling 50 vehicles.
How Did the Attack Occur?
We know little about the attack, but what is known relates to Bluetooth. According to the owner of the victimized gas station, the thief hacked into the gas pumps’ Bluetooth and altered settings. These alterations let the gas pump without requiring payment or triggering quantity limitations. The thief may have planned for a large target, as previous emergency elements did not trigger; this may have aided the attacker’s ultimate goal. We suspect a security vulnerability made this gas station a target for the hacker. The hacker may have used phished information, injection codes, or weak network gateways to launch the attack via Bluetooth.
What Did They Take?
The hacker and opportunists may have taken 800 gallons from the gas station: enough gas to fill 50 vehicles on average. These events are not new to the area, but this is a more extensive loss than prior situations. Before the most recent attack, there was a similar case that occurred in 2018; however, in that case, there were two thieves, and they stole about 200 gallons less. The attack in 2018 is similar to the most current in that unknown devices have been used. The hacker may have launched the attack from a laptop, a smartwatch, or a cellphone.
How Did They Discover the Crime?
The gas station staff may not have immediately noticed the signs of something wrong. The gas station is in a hectic location, so an influx of cars was not concerning. Additionally, with more vehicles comes more foot traffic, potentially obscuring malicious actors in large or busy public environments. Reports have no specifics about how the employees and owner noticed the event; however, when the owner attempted to turn off the gas line, the pump did not react. He then shut down the entire station via the emergency shut-off procedure.
What Happened to the Stolen Goods?
Potentially, 50 vehicles drove away without paying for gas; there’s no way to get it back. However, this particular gas station has better security against physical attacks than most. It is part of a long-time Detroit development program, “Project Green Light”. One of the benefits of being enrolled in the program comes from the police-patrolled area; the other benefit comes from their advanced surveillance abilities. It is unknown if the police have suspects in connection to, or who have benefited from, the crime.
What Should Impacted Parties Do in the Aftermath?
As more attacks occur, gas stations may implement more security measures. Depending on the location, they may ban on-property activities, loitering, or more. Most likely, they will start making security upgrades at the pump and check-out counter. That’s bad for hackers but great for everyone else. Until that secure future happens, use caution around gas and convenience stores. Pull hard on the outer card scanner before swiping your card, and use the tap-pay feature wherever possible.
