Another piece from the folks at Dark Reading on the Iranian Dark Coders hackers going after automated tank gauges (ATGs). Most folks have no idea what an ATG is, but next time you fill up your car or monster truck at a gas station, take a peek into the closet behind the cash register, or at Costco there’s a little brick shack with a window in it. There’s a box on the wall, almost surely a “Veeder-Root TLS 350” (since they have the lion’s share of this market). This is a useful box that does wondrous things, as you can tell from the product brochure link. Once in a while they are sitting out on the Internet, listening for their master on port 10001, which is where the hackers stepped into some honeypots.
Iranian, Syrian Hackers Hit ‘Gas Gauges’ by Kelly Jackson Higgins
Adding on to this story, Threat Post’s article of a vulnerability survey of US based gas stations indicates that around 3% of 150,000 ATGs are exposed on the Internet.