A hacker known as "sentap" has offered total access to a fuel management system present in gas stations in Guerrero, State of Mexico, and Morelos, with most of the affected gas stations located in Guerrero, on clandestine forums of the dark web. The access, valued at $25,000, would allow manipulation of supply, alteration of financial records, and diversion of fuel imperceptibly.
Cybersecurity specialists have warned about the authenticity of the attack, considering it a serious risk. Nicolás Azuara, an analyst consulted by Publimetro Mexico, indicated that the compromised system manages more than 10 subsidiary stations and processes daily transactions of up to 12.8 million pesos. The leaked database contains highly sensitive information that could be used for fraudulent activities such as fuel theft or money laundering.
The hacker "sentap" is known for selling access to vulnerable systems on government and telecommunications platforms. This individual has been active since at least August 2023 and has offered access to critical infrastructure in several countries, including Pakistan, Burkina Faso, Bhutan, Vietnam, among others, in addition to Mexico.
The compromised access would allow manipulation of financial and accounting records, control over fuel distribution, alteration of credits and customer invoices, export of sensitive data, and management of user roles and permissions. This risk would facilitate illegal practices such as fuel theft without being detected by the systems of the affected stations.
Experts like Víctor Ruiz from SILIKIN warn about the serious consequences of this breach, which could result in shortages due to inventory alteration, massive financial fraud, and multimillion-dollar losses. In addition, the sale of this access could lead to industrial espionage, price manipulation, money laundering, and reputational damage with potential regulatory sanctions.
The company affected by this attack has not been revealed, but companies like Hidrosina, G500, or independent distributors could be involved. Access to financial records, customers, and suppliers would offer attackers the opportunity to divert large volumes of gasoline, manipulate prices, and billing. Dark Web Informer has also issued an alert regarding this attack.
