Hackers reportedly stole around 600 gallons of gas by hacking into a Detroit gas station

A gas station in Detroit was reportedly hacked by cybercriminals who managed to steal over 600 gallons of gas. The gas, believed to be worth around $800, was stolen by two suspects in the middle of the day.

The hackers reportedly managed to carry out the unique heist in about 90 minutes while the gas station attendant was unable to stop it.

The incident took place at around 1pm in Detroit on June 23, Fox 2 Detroit reported. The hackers allegedly used some sort of remote device that allowed them hijack the gas pump and take control of its operations, locking out the gas station employee from accessing the pump.

Detroit police confirmed that the remote device stopped the gas employee from thwarting the attack.

Around 10 cars appear to have benefited from the free flowing gas during the attack. However, the authorities are still unclear about whether the owners of these 10 cars were co-conspirators.

How gas pumps can be hacked

Some reports speculated that the hackers may have targeted the gas station fuel management system.

In January, security researchers discovered multiple security vulnerabilities in an automated fuel management system that could have allowed hackers to shut down the gas pump, alter fuel prices, hijack card payments and more, Motherboard reported.

This is not the first gas pump hack to have occurred this year either.

In June, a man in Texas allegedly stole $800 worth of gas using a device, Gizmodo reported. Around the same time, a BP employee in New Jersey was allegedly found to have manipulated computer records for years, stealing over $300,000 worth of gas from the firm.

Fuel pump flaws

Vulnerabilities in fuel pump managements are not a new concept either.

In 2015, Trend Micro reported about internet exposed gas pump management systems, some of which were not password protected.

These vulnerable systems were allegedly targeted by the hacktivist outfit Anonymous. Although the Anonymous attacks only resulted in a name change, Trend Micro researchers had predicted that “sooner or later, real world implications will occur, causing possible outages or even worse”.