The recent supply chain attack1 causing Toyota to halt production for days and lose 13,000 in car outputs underscores how wide an organization’s attack surface can be. It also proves how scattered threat vectors can be—from insider mistakes, third-party vulnerabilities, and many others.
Since WhoisXML API is at the forefront of domain intelligence, we dug up domains and subdomains containing text strings related to the top car brands,2 including Toyota, Mazda, Subaru, Kia, Honda, Lexus, and Tesla. Our analysis found:
- 10,000+ domains and subdomains containing the top car brands added since 1 February 2022
- 6,000+ domains and root domains of brand-related subdomains enriched with their WHOIS details
- 30+ digital properties flagged as malicious
Download the threat research materials containing the digital properties related to the top car manufacturers and other data points.
-  https://www.reuters.com/business/autos-transportation/toyota-suspends-all-domestic-factory-operations-after-suspected-cyber-attack-2022-02-28/
-  https://www.forbes.com/sites/tanyamohn/2021/02/23/the-top-10-cars-and-best-brands-of-2021-announced/