Several major flaws have been discovered in the software used by some of the world’s biggest car brands.
And there are beautiful people, 16 brands in total: Ferrari, BMW, Mercedes, Porsche, Jaguar, Honda, Acura, Hyundai, Toyota, Nissan, Kia, Rolls-Royce, Land Rover, Ford, Genesis and Infinity. The solution publishers SiriusXM, Spireon and Reviver are also concerned.
Vehicles that pass under the control of hackers?
The end of all mechanics in automobiles and the contribution of connectivity to the sector are undeniably a big plus. Unfortunately, while technology can produce amazing results, it also brings with it its share of vulnerabilities.
We already knew that keyless cars could be attacked by hackers. But today, these are problems of greater magnitude revealed to us by the researcher of Yuga Labs, Sam Curry. The latter has indeed identified several major flaws. Some could have given a hacker access to user data stored in company systems, while others offered the possibility of executing commands remotely.
The most important of these flaws affected the location system of Spireon, a North American specialist in connected vehicles. By exploiting it, a potential attacker could have changed the controls of a fleet of 15.5 million vehicles. ” This would have allowed us to track and stop starters for police, ambulances and law enforcement vehicles “, is it thus explained.
Security needs to be strengthened
Certain flaws at Ferrari, BMW or Mercedes would have allowed the information of the owners’ accounts to be modified. Or, for still others, to follow the GPS location of a vehicle live, or even to change its status to ” Fly “.
The various flaws shelled by Sam Curry have since been filled through discreet communication between the team and the manufacturers concerned. However, the researchers believe that the problems identified were serious.
” If an attacker is able to find vulnerabilities in API terminals used by vehicle telematics systems, they could honk, flash headlights, remotely track, lock/unlock, and start/stop vehicles, all remotely details the paper. If there is cause for concern, manufacturers will have to redouble their vigilance to ensure the safety of their vehicles.
Sources: The Hacker News, Gocar
2