en

The VICE Channels

    Car Breathalyzer Maker Gets Hacked, Internal Docs Dumped on Dark Web

    Written by

    Joseph Cox

    Contributor

    Image: YouTube

    Absolutely any company in the world can get hacked. Apparently that now includes, rather bizarrely, a firm that sells car breathalyzer technology.

    Earlier this week, a hacker called ROR[RG], who acts as the moderator of the recently re-booted Hell hacking forum, dumped supposed internal documents of LMG Holdings, and more specifically, at least one of the companies it owns, “LifeSafer,” which describes itself on its website as “the nation's leader in ignition interlock technology.”

    Ignition interlock devices are essentially breathalysers for individual vehicles, requiring the driver to blow into them before the car will start. Naturally if the driver has drank too much alcohol, the vehicle won't start. On it's website, LifeSafer claims to have more than 70,000 of its devices installed across 46 states, and writes that, "The data received from all breath samples are sent to the department(s) (Court/DMV/Probation, etc) who ordered the device to be installed.”

    “LMG full data fucking ripped,” ROR[RG] posted on the Hell forum within the past few days (there are no time stamps on the site's postings).

    ROR[RG] then provided a link to a list of files, before adding “pay up or get fucked!,” implying that the company may have been contacted as part of an extortion campaign. Dates in the directory of the data imply that a small amount of it was uploaded on Jan. 7, followed by two larger dumps on Jan. 9.

    The data itself is fairly small in size: making up around 150MB when compressed. But its contents are rich with company spreadsheets, instruction manuals for modifying and assembling products, and, perhaps of most importance to LMG Holdings and LifeSafer, detailed schematics of various products and apparent source code.

    One assembly manual, dated 2011, describes the “FC100,” just one of LifeSafer's various devices, with another dense document laying out how to add “hardware improvements” to it. According to the company's website, the FC100 is “the most widely used interlock device in the U.S.”

    One schematic is for the “Miniature Camera Board” of the “LifeSafer Interlock.” The document is marked as “CONFIDENTIAL.” Dozens of these sort of schematics as well as circuit board diagrams are included in the dump, laying out the behind the scenes mechanics of LifeSafer's products. Some of the files go back as far as 2006, with one disclaiming that “Unauthorized use, possession or duplication will result in Severe [sic] civil and criminal penalties.”

    On top of this, several folders contain files that appear to be proprietary source code for various devices. One section of the dump, labeled as “FC100_Camera_Reference_Material,” includes supposed boot loaders and other code for the device.

    Calls to LifeSafer went unanswered, as did messages to LMG Holdings' contact form. At this point it is unclear how ROR[RG] managed to obtain the data.