Hacker opens 2,732 PickPoint package lockers across Moscow
A mysterious hacker used a cyber-attack to force-open the doors of 2,732 package delivery lockers across Moscow.
The attack, which took place on Friday afternoon, December 4, targeted the network of PickPoint, a local delivery service that maintains a network of more than 8,000 package lockers across Moscow and Saint Petersburg.
SEE: Meet the hackers who earn millions for saving the web, one bug at a time (cover story PDF) (TechRepublic)
Russians can order products online and choose to have any of their orders delivered to a PickPoint locker instead of their home address.
Once the package arrives, users receive an email or mobile notification, and they can show up and pick up their orders using the PickPoint app.
However, the same system that allows users to open lockers and retrieve their packages was attacked on Friday.
Using a yet-to-be-identified exploit, a mysterious hacker forced open the doors for a third of PickPoint's lockers, leaving thousands of packages exposed to theft across Moscow.
Хакерская атака обрушилась сегодня утром на постоматы PickPoint, из-за чего камеры хранения открылись на распашку. В пресс службе компании сообщили, что сбой затронул более 3000 терминалов и обещали связаться со всеми пострадавшими клиентами. pic.twitter.com/rjCYakCOUh
— роман соболев (@MicroRomario) December 7, 2020
The reason for the attack has yet to be discovered, but in press releases over the weekend, PickPoint said it notified authorities.
The Russian company said it is currently working to restore its network, which has been damaged during the attack.
It also remains unclear if packages were stolen from lockers. According to social media posts, guards and landlords were quick to intervene on Friday and restrict access to the obviously malfunctioning lockers.
As the company highlighted in a press release on Saturday, this appears to be "the world's first targeted cyberattack against a post-gateway network."