How your Navigo Pass is targeted by hackers


A major setback for the public body Île-de-France Mobilités. The mobility organizing authority for the Île-de-France region has just reported that it was the victim of an attempted computer intrusion. The incident ultimately led to the filing of a complaint for fraudulent data collection, a notification of the incident to the CNIL, the French personal data watchdog, and the sending of a password reset message to the users concerned.

As Île-de-France Mobilités explains in its press release, an attacker allegedly collected about 4,000 active email addresses and passwords fraudulently on the web, which he then used to log into accounts. “Île-de-France Mobilités immediately reacted by asking Worldline [the service provider] to take the necessary technical measures to put an end to this attempt and, if necessary, to take any additional measures to strengthen security,” the organization states.

Credential stuffing

Without explicitly saying so – but confirming it to – Île-de-France Mobilités is describing here a credential stuffing attack. The very large number of targeted accounts did indeed point to this type of attack. It consists of testing, en masse, username-password pairs that have already leaked from other services. The attacker was trying to exploit a very human weakness: the reuse of the same password on different platforms.

Is this a coincidence, or is it connected to the attack? In mid-August last year, an Internet user had made available on a shady forum a configuration file intended for credential stuffing that targeted… Île-de-France Mobilités. It must be said that the Navigo pass, the key used by 2 million Île-de-France residents to access public transport in the capital, is widely coveted.
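The pattern described above (many leaked username-password pairs, each tested once or twice) can be spotted in authentication logs. The following is an added example, not code from Île-de-France Mobilités or Worldline; the log format, thresholds, addresses and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample log: ISO timestamp, source IP, account, outcome.
SAMPLE_LOG = """\
2024-01-10T09:00:01 203.0.113.7 alice@example.org FAIL
2024-01-10T09:00:02 203.0.113.7 bob@example.org FAIL
2024-01-10T09:00:03 203.0.113.7 carol@example.org OK
2024-01-10T09:00:04 203.0.113.7 dave@example.org FAIL
2024-01-10T09:00:05 203.0.113.7 erin@example.org FAIL
2024-01-10T09:00:06 198.51.100.4 frank@example.org FAIL
2024-01-10T09:00:09 198.51.100.4 frank@example.org FAIL
2024-01-10T09:00:12 198.51.100.4 frank@example.org OK
2024-01-10T09:01:30 192.0.2.15 grace@example.org OK
"""

def parse(log):
    """Yield (timestamp, source, account, succeeded) per non-empty line."""
    for line in log.splitlines():
        if line.strip():
            ts, src, account, outcome = line.split()
            yield datetime.fromisoformat(ts), src, account, outcome == "OK"

def find_stuffing(log, window_s=60, min_accounts=5, max_tries_per_account=2):
    """Flag sources that try many distinct accounts, a few times each,
    within one fixed time window. Returns {source: accounts to reset}."""
    # (source, window index) -> account -> list of login outcomes
    buckets = defaultdict(lambda: defaultdict(list))
    for ts, src, account, ok in parse(log):
        buckets[(src, int(ts.timestamp()) // window_s)][account].append(ok)
    flagged = defaultdict(set)
    for (src, _), per_account in buckets.items():
        # Stuffing is wide (many accounts) and shallow (few tries each);
        # password guessing against one account is narrow and deep.
        wide = len(per_account) >= min_accounts
        shallow = all(len(t) <= max_tries_per_account for t in per_account.values())
        if wide and shallow:
            # A success from a flagged source means a reused password worked.
            flagged[src] |= {a for a, t in per_account.items() if any(t)}
    return {src: sorted(accounts) for src, accounts in flagged.items()}

if __name__ == "__main__":
    for src, accounts in find_stuffing(SAMPLE_LOG).items():
        print(f"{src}: suspected credential stuffing; reset {accounts}")
```

Counting per source address is only one signal, since attempts can be spread over many addresses; the same wide-and-shallow test can be applied to the service as a whole.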

Scams and fraud

At the beginning of the year, Île-de-France Mobilités had already reported phishing attacks targeting its subscribers. The subject line of these emails was “Navigo – Suspended Subscription”. As Numerama spotted at the time, one of these malicious messages redirected to a copy of the official website, evidently intended solely to capture the victims' bank card numbers.

Finally, there is a whole black market around the Navigo pass. Another Internet user offered a Navigo pass on a black market for only 99 euros, payable in cryptocurrency. This fraudulent sale involves giving access to the seller's account, with control supposed to change hands at the time of payment, but it could also be a scam.
