Turkish electronic toll app (HGS) hacked: Users threatened with offensive messages
Cyberattack targets Türkiye’s toll system HGS, raising user security concerns, December 10, 2024. (AA Photo)
The HGS (Turkish electronic toll collection app; Turkish: Hizli Gecis Sistemi) mobile application, used by millions of drivers in Türkiye for toll payments, was targeted in a cyberattack on Dec. 10.
Users reported receiving offensive messages and threats demanding cryptocurrency payments. Following the incident, the National Post and Telegraph Directorate (PTT – Posta ve Telgraf Teskilati), which oversees the electronic toll collection app, confirmed the hacking and assured users that no data breaches occurred.
Notifications with threats, offensive messages alarm Turkish residents
The attack sent inappropriate notifications to HGS users via the app.
- Some messages included profanities
- Others threatened to leak users’ data unless $25,000 worth of Bitcoin was transferred to a specified address
Social media platforms quickly filled with user reports, amplifying public concern about the application’s security.
PTT addressed the claims with a formal statement. The organization stated: “The incident involved unauthorized access to the HGS app’s message service from an external source. No data loss or unauthorized access to user information occurred during this unauthorized intervention.”
Turkish cybersecurity reveals technical details about HGS attack
A cybersecurity expert in Türkiye explained the technical issues behind the hack.
The HGS hack incident involves a breach of the API of a company using the OneSignal mobile push notification framework. Yesterday’s hack of Anadolu Sigorta’s Sigortam Cepte application occurred similarly. We can say that applications using the same framework and API are at risk.
Onur Oktay claimed
This insight indicated a potential trend in the recent breaches and suggests vulnerabilities in third-party notification services.
OneSignal CEO George Deglin commented on the situation.
Our team is looking into this, and we’re sorry this happened. It appears that these apps had their API keys compromised. To be clear, this is not an issue affecting OneSignal itself. We believe these apps may have misplaced their API keys in a place where a hacker could find them.
George Deglin said
“It’s always painful to see customers impacted by hackers. We have confirmed that these apps are disabled, so additional messages are not sent. We will reach out to the apps to determine how their API key may have been misplaced and to recommend using our IP allow list feature for additional protection,” Deglin added.
PTT takes immediate action and collaborates with legal authorities
PTT explained the actions taken to address the attack. The organization said it implemented swift technical and operational measures to secure the application. Security systems were promptly activated to contain the breach and block further unauthorized access.
Necessary security measures have been applied, and there has been no loss of user data or compromise of sensitive information.
PTT stated
The organization also announced the initiation of legal proceedings in cooperation with relevant authorities to address the cyberattack.
HGS’s role as an essential system and its growing cybersecurity challenges
Since its launch in 2012, HGS has provided seamless toll payments on Türkiye’s highways and bridges using RFID technology.
The system’s efficiency and its ability to reduce traffic congestion have made it a vital tool for millions of drivers. However, its widespread use makes it an appealing target for cybercriminals.
This hack followed a similar breach involving Anadolu Sigorta earlier in the week. Users of Anadolu Sigorta’s mobile application also received threatening messages demanding cryptocurrency payments.
Although PTT and Anadolu Sigorta assured users that no sensitive data was compromised, these attacks raise concerns about the cybersecurity protocols for widely used platforms in Türkiye.
Cybersecurity improvements needed to protect critical systems in Türkiye
The HGS hacking incident highlights the urgency of enhancing cybersecurity measures for crucial public systems. While PTT’s response to the attack was quick, the breach demonstrates the need for continuous updates and improvements to digital security infrastructure.
As investigations into the incident continue, PTT’s collaboration with legal authorities will be vital in holding the attackers accountable and preventing similar breaches.
For now, users should remain vigilant and report any suspicious activity related to their accounts.
