X

Top vehicle hacking examples (in pictures)

Researchers have demonstrated everything from running cars off the road to remotely controlling your brakes.
By Charlie Osborne, Contributing Writer
screen-shot-2018-10-20-at-15-30-54.png
1 of 8 Charlie Osborne/ZDNET

Jeep Cherokee

In 2015, a Wired journalist caught a ride with IOActive researchers Charlie Miller and Chris Valasek in a Jeep Cherokee. At 70mph, the car's air conditioning began blasting out freezing air, the radio switched station on its own, the windshield wipers turned themselves on with wiper fluid spurting, and then the car ran itself off the road.

screen-shot-2018-10-20-at-15-33-35.png
2 of 8 Charlie Osborne/ZDNET

Take away the brakes

The same researchers later performed a physical attack on the vehicle's CAN bus to seize control of the car's braking system and at only 25 mph, this was nearly enough to tip over the car.

screen-shot-2018-10-20-at-15-37-02.png
3 of 8 Charlie Osborne/ZDNET

Server errors, car theft

In 2018, researchers uncovered a bug in a misconfigured server run by Calamp that granted them access to backend systems of Internet-connected vehicle management systems provided by Viper SmartStart.

The team were able to locate vehicles, reset passwords, unlock side doors, disable alarms, start engines, and, in theory, could have stolen target vehicles.

screen-shot-2018-10-20-at-15-36-28.png
4 of 8 Charlie Osborne/ZDNET

Tesla key fobs and poor security

KU Leuven University researchers demonstrated how to steal a Tesla "in a matter of seconds" due to poor cryptographic standards used by Tesla key fobs.

screen-shot-2018-10-20-at-15-37-53.png
5 of 8 Charlie Osborne/ZDNET

OwnStar

Security researcher Samy Kamkar created OwnStar, a Raspberry Pi-based device which cost less than $100 to make, in order to show it was possible to abuse the OnStar connected car system to "locate, unlock and remote start any vehicle with OnStar RemoteLink."

screen-shot-2018-10-20-at-15-40-18.png
6 of 8 Charlie Osborne/ZDNET

No more airbags

Trend Micro researchers have been able to exploit a fundamental issue in how Controller Area Network (CAN) protocols operate, a necessary requirement for connected vehicles, in order to reprogram a car's infotainment system, disable airbags, tamper with locking systems, steal a vehicle, and more

screen-shot-2018-10-20-at-15-42-37.png
7 of 8 Charlie Osborne/ZDNET

Infotainment system compromise

In 2016, Computest researchers Daan Keuper and Thijs Alkemade revealed multiple vulnerabilities which were present in the infotainment systems of some Volkswagen and Audi vehicles which could be exploited to seize control of microphones, speakers, and navigation systems.

screen-shot-2018-10-20-at-15-43-03.png
8 of 8 Charlie Osborne/ZDNET

ConnectedDrive

A zero-day bug uncovered in 2016 by Vulnerability Labs affected the BMW web domain and ConnectedDrive portal, an area for owners of new, connected vehicles. If exploited, the bug could be used by attackers to change the vehicle registration numbers of cars.

Related Galleries

Holiday wallpaper for your phone: Christmas, Hanukkah, New Year's, and winter scenes
Holiday lights in Central Park background

Related Galleries

Holiday wallpaper for your phone: Christmas, Hanukkah, New Year's, and winter scenes

21 Photos
Winter backgrounds for your next virtual meeting
Wooden lodge in pine forest with heavy snow reflection on Lake O'hara at Yoho national park

Related Galleries

Winter backgrounds for your next virtual meeting

21 Photos
Holiday backgrounds for Zoom: Christmas cheer, New Year's Eve, Hanukkah and winter scenes
3D Rendering Christmas interior

Related Galleries

Holiday backgrounds for Zoom: Christmas cheer, New Year's Eve, Hanukkah and winter scenes

21 Photos
Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza
img-8825

Related Galleries

Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza

26 Photos
A weekend with Google's Chrome OS Flex
img-9792-2

Related Galleries

A weekend with Google's Chrome OS Flex

22 Photos
Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup
shutterstock-1024665187.jpg

Related Galleries

Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup

8 Photos
Inside a fake $20 '16TB external M.2 SSD'
Full of promises!

Related Galleries

Inside a fake $20 '16TB external M.2 SSD'

8 Photos