Hackers Create Traffic Jam in Moscow by Ordering Dozens of Taxis at Once Through App

Attackers attempted to disrupt ride-hailing app service on Thursday, the company confirmed.
taxis in a traffic jam
Screenshot: Twitt

Hackers created a traffic jam in Moscow on Thursday by ordering dozens of taxis from the ride-hailing app Yandex Taxi to converge on the same location in one of the first known instances of attackers using an app-based taxi company to create chaos on the roads.

Video circulated on social media showing a very long traffic jam of taxis along an otherwise lightly trafficked road. The video was then shared by the account @runews where it was retweeted more than 6,500 times as of this writing.

Advertisement

A Yandex spokesperson confirmed the incident in a statement to Motherboard. “On the morning of September 1, Yandex Taxi encountered an attempt by attackers to disrupt the service—several dozen drivers received bulk orders to the Fili district of Moscow,” said the Yandex spokesperson.

The Fili district is outside the Moscow city center along Kutuzovsky Prospekt, a main thoroughfare that goes from the southwest into central Moscow. It is not clear why this area in particular was targeted, and a Yandex spokesperson declined to share more details on the attack. 

Moscow is legendary for its traffic jams, regularly ranking among the cities with the worst traffic jams in the world. The Yandex spokesperson said the issue was resolved “in less than an hour” and “the security service of Yandex Taxi promptly stopped the attempts of artificial congestion of cars and improved the algorithm for detecting and preventing such attacks to prevent similar incidents in the future.”

To the Fast and Furious fans out there, the hack might seem familiar. In 2017, in the eighth installment of the franchise, The Fate of the Furious, Charlize Theron’s character Cipher starts a gigantic traffic jam in New York saying with a faint wry smile: “Hack ‘em all, it’s zombie time.” That hack is different, of course. Cipher takes over the cars themselves, and does so remotely, including ones that are parked and turned off. But the effects are pretty much the same, albeit on a larger scale.

Hackers targeting cars through various means has been the subject of significant research in the cybersecurity industry for a few years. The most famous case is perhaps the one where two security researchers hacked into a Jeep Cherokee driven by Wired’s journalist Andy Greenberg and killed its engine while he was driving on the highway. In that case, the researchers—Charlie Miller and Chris Valasek—got in through the internet-connected entertainment system. Car hacking has become so prominent that the world’s premiere hacker conference DEF CON has been hosting a Car Hacking Village, a workshop that runs parallel to the conference where hackers and security researchers can learn how cars connect to the internet, and how to exploit vulnerabilities in the car’s systems. 

It’s unclear who is responsible for the traffic jam in Moscow, but what we do know underscores the dangers of an increasingly connected world. 

Sign up for Motherboard’s daily newsletter for a regular dose of our original reporting, plus behind-the-scenes content about our biggest stories.