Top News

Hacked Cars Could Spread Malware Via Dealers, WIRED Reports

October 6, 2015

LOUISVILLE, Ky. — During a presentation on automotive hacking at DerbyCon last month, security consultant Craig Smith said that a malware-infected vehicle coming in for service could potentially infect a dealership’s testing equipment. In turn, that malware could spread to every vehicle the dealership services, WIRED reports.

Smith, who founded the open source car hacking group Open Garages, unveiled a tool at the conference to find security vulnerabilities in the equipment dealerships use to update car software and run vehicle diagnostics. Using the tool, Smith said he has identified multiple security flaws, including dealership equipment that doesn’t check for the length of a VIN — which would allow an infected vehicle to submit a much longer number, potentially breaking the diagnostic tool’s software and allowing a malware payload to be delivered.

Cyberhacks on connected vehicles are a growing concern for the auto industry. In July, Senators Richard Blumenthal (D-Conn.) and Edward J. Markey (D-Mass.) introduced the Security and Privacy in Your Car Act, or SPY Car, would also establish a rating system — or “cyber dashboard” — that informs consumers about how well the vehicle protects their security and privacy beyond minimum standards, among other things.

Also in July, Fiat Chrysler conducted a voluntary recall of 1.4 million vehicles, citing hacking concerns. The OEM implemented network-level security measures in response to another WIRED article showing two hackers taking control of a Jeep Cherokee using a cell signal and the vehicle’s entertainment system.

To read the full story, click here.

Your Comment

Please note that comments may be moderated. 
Leave this field empty:
Your Name:  
Your Email:  

CLOSE [X]

READ NEXT

Consumers Down on VW Brand, Diesel-Powered Vehicles, Survey Shows

Not only do more than half of consumers on Kelley Blue Book and Autotrader have "complete" or "general mistrust" of the Volkswagen brand in the wake of its emissions scandal, 30% of users of both sites are less likely to consider a diesel-powered vehicle.