Top vehicle hacking examples (in pictures)

8 of 8 NEXT PREV

Jeep Cherokee

In 2015, a Wired journalist caught a ride with IOActive researchers Charlie Miller and Chris Valasek in a Jeep Cherokee. At 70mph, the car's air conditioning began blasting out freezing air, the radio switched station on its own, the windshield wipers turned themselves on with wiper fluid spurting, and then the car ran itself off the road.

Published: October 22, 2018 -- 07:25 GMT (00:25 PDT)
Caption by: Charlie Osborne
Take away the brakes

The same researchers later performed a physical attack on the vehicle's CAN bus to seize control of the car's braking system and at only 25 mph, this was nearly enough to tip over the car.

Published: October 22, 2018 -- 07:25 GMT (00:25 PDT)
Caption by: Charlie Osborne
Server errors, car theft

In 2018, researchers uncovered a bug in a misconfigured server run by Calamp that granted them access to backend systems of Internet-connected vehicle management systems provided by Viper SmartStart.
The team were able to locate vehicles, reset passwords, unlock side doors, disable alarms, start engines, and, in theory, could have stolen target vehicles.

Published: October 22, 2018 -- 07:25 GMT (00:25 PDT)
Caption by: Charlie Osborne
Tesla key fobs and poor security

KU Leuven University researchers demonstrated how to steal a Tesla "in a matter of seconds" due to poor cryptographic standards used by Tesla key fobs.

Published: October 22, 2018 -- 07:25 GMT (00:25 PDT)
Caption by: Charlie Osborne
OwnStar

Security researcher Samy Kamkar created OwnStar, a Raspberry Pi-based device which cost less than $100 to make, in order to show it was possible to abuse the OnStar connected car system to "locate, unlock and remote start any vehicle with OnStar RemoteLink."

Published: October 22, 2018 -- 07:25 GMT (00:25 PDT)
Caption by: Charlie Osborne
No more airbags

Trend Micro researchers have been able to exploit a fundamental issue in how Controller Area Network (CAN) protocols operate, a necessary requirement for connected vehicles, in order to reprogram a car's infotainment system, disable airbags, tamper with locking systems, steal a vehicle, and more

Published: October 22, 2018 -- 07:25 GMT (00:25 PDT)
Caption by: Charlie Osborne
Infotainment system compromise

In 2016, Computest researchers Daan Keuper and Thijs Alkemade revealed multiple vulnerabilities which were present in the infotainment systems of some Volkswagen and Audi vehicles which could be exploited to seize control of microphones, speakers, and navigation systems.

Published: October 22, 2018 -- 07:25 GMT (00:25 PDT)
Caption by: Charlie Osborne
ConnectedDrive

A zero-day bug uncovered in 2016 by Vulnerability Labs affected the BMW web domain and ConnectedDrive portal, an area for owners of new, connected vehicles. If exploited, the bug could be used by attackers to change the vehicle registration numbers of cars.

Published: October 22, 2018 -- 07:25 GMT (00:25 PDT)
Caption by: Charlie Osborne

8 of 8 NEXT PREV

Researchers have demonstrated everything from running cars off the road to remotely controlling your brakes.

ConnectedDrive

A zero-day bug uncovered in 2016 by Vulnerability Labs affected the BMW web domain and ConnectedDrive portal, an area for owners of new, connected vehicles. If exploited, the bug could be used by attackers to change the vehicle registration numbers of cars.

Published: October 22, 2018 -- 07:25 GMT (00:25 PDT)

Caption by: Charlie Osborne

8 of 8 NEXT PREV