Cybercrime, fraud management and cybercrime

Russians accused of helping Drive use malware to ‘hack the taxi industry’



Mathew J. Schwartz (euroinfosec) • December 21, 2022

Hacking attacks are often used as a lazy plot device in Hollywood movies and network television. Think of explosive baddies who “hack the Gibson,” shut down all of America’s critical infrastructure, or breathlessly announce, “We’re in!”

The hyperbole obscures a harsh truth: Much real-world hacking is trivial. Consider the case of two suspects accused of hacking not to take over the world but to do something much more mundane, namely controlling the taxi dispatch system at John F. Kennedy International Airport in New York.

A grand jury indictment filed Dec. 5 and unsealed on Tuesday accuses multiple people, including Daniel Abayev and Peter Leyman, both 48-year-old residents of Queens, New York, of intermittently tampering, over a 12-month period, with the queuing system for taxi drivers waiting to pick up fares at the arrival gate. The pair “explored and attempted various mechanisms to gain access to the Dispatch System, including bribing someone to insert a USB drive containing malware into computers connected to the Dispatch System, gaining unauthorized access to the Dispatch System via a Wi-Fi connection, and stealing computer tablets connected to the Dispatch System,” according to court documents.

Abayev and Leyman each face two counts of conspiracy to commit computer intrusion, covering the period from November 2019 to November 2020. If convicted of the charges against them, they face a maximum sentence of 10 years in prison.

Lawyers for the two suspects could not immediately be reached for comment.

Made for Hollywood?

The men reportedly earned $10 for every taxi they helped move ahead in the queue, bypassing a system designed to be first-come, first-served. Prosecutors accuse the suspects of “enabling up to 1,000 fraudulently expedited taxi rides per day.”

Whether this story is captivating enough to become a blockbuster is unclear. To liven up a storyline, a Hollywood cliché is to add Russian criminals, often with exaggerated accents. In this case, Russian hackers did play a part, but more as mercenaries than as bad guys in trench coats. Prosecutors accuse the two defendants of having transferred at least $100,000 to these Russian hackers, sometimes recording the bank transactions as “payment for software development” or “payment for services rendered.”

Any potential script could draw on an array of precise, ready-made dialogue found in the indictment. Abayev reportedly sent this message, in Russian, to the Russian hackers: “I know the Pentagon is hacked. So can’t we hack the taxi industry.” On each day that the suspects had access to the dispatch system, this message would be sent to several group threads for taxi drivers: “Store open.” Not bad, but it’s not “You thought your secrets were safe. You were wrong.”

Crucially for cybersecurity fans, the indictment does not detail the exact mechanism that was allegedly used to hack into the taxi dispatch system.

How this alleged hacking story might end is unclear.

The two Queens men were arrested on Tuesday and appeared later in the day before Magistrate Judge Gabriel Gorenstein of the Southern District of New York. They were released on bail after posting personal bonds of $100,000 and agreeing that they would not contact each other “unless an attorney is present.” They also agreed to avoid all access to internet-enabled devices unless monitored by the court’s Pretrial Services office and to use any location monitoring technology the court may require.

So good luck to anyone trying to dramatize this, while sticking to the facts of the alleged hack. Then again, getting such details has never stopped the writers before. Or as that infamous line from “Hackers” puts it: “There’s no right or wrong, only fun and boring” – at least in Hollywood.