Skip to main content

Hackers Unlock Car Doors Via SMS

[Image: car-alarm-blog.jpg]

Don Bailey and Mathew Solnik, Two hackers have found a way to unlock cars that use remote control and telemetry systems like BMW Assist, GM OnStar, Ford Sync, and Hyundai Blue Link. These systems communicate with the automaker’s remote servers via standard standard mobile networks like GSM and CDMA — and with a clever bit of reverse engineering, the hackers were able to pose as these servers and communicate directly with a car’s on-board computer via “war texting” — a riff on “war driving,” the act of finding open wireless networks.

Don Bailey and Mathew Solnik, both employees of iSEC Partners, will deliver their findings at next week’s Black Hat USA conference in Las Vegas in a briefing entitled “War Texting: Identifying and Interacting with Devices on the Telephone Network.” The exact details of the attack won’t be disclosed until the affected manufacturers have had a chance to fix their systems, and the hackers are not expected to reveal at the conference which on-board systems they have successfully hacked, but to be honest it doesn’t really matter: if two systems have been cracked (and in just a few hours no less), then it’s likely that other on-board, remote control systems are also vulnerable to the same attack vector.


Software that lets drivers unlock car doors and even start their vehicles using a mobile phone could let car thieves do the very same things, according to computer security researchers at iSec Partners. Don Bailey and fellow iSec researcher Mathew Solnik say they've figured out the protocols that some of these software makers use to remote control the cars, and they've produced a video showing how they can unlock a car and turn the engine on via a laptop. According to Bailey, it took them about two hours to figure out how to intercept wireless messages between the car and the network and then recreate them from his laptop. Bailey will discuss the research at next week's Black Hat conference in Las Vegas, but he isn't going to name the products they've hacked — they've looked at two so far — or provide full technical details of their work until the software makers can patch them.
Labels:

Comments

Post a Comment

Leave ur Comment Please :)

Popular posts from this blog

Sony India launches new camera RX10 M4

Sony’s New RX10 IV Combines World’s Fastest1 AF and 24 fps Continuous Shooting with Versatile 24-600mm F2.4-F4 Zoom Lens ·           World’s fastest 1  0.03 sec high speed AF with 315 focal-plane phase-detection AF points ·           High-speed 24fps shooting with AF/AE tracking ·           ZEISS® Vario-Sonnar T* 24-600mm F2.4-F4 Large Aperture, High Magnification Zoom Lens ·           Touch Focus ·           4K Movie Recording with full pixel readout without pixel binning New Delhi, 10 th  October, 2017 –  Sony, a worldwide leader in digital imaging and the world’s largest image sensor manufacturer today announced an addition to its acclaimed Cyber-shot® RX10 series, the  RX10 IV  (model DSC-RX10M4). Building o...
Post a Comment
Read More

Seductive Wallpapers

Hey All,  i Am Gonna Share 150+ Sexiest Wallpapers 0f all Time! Get ready T0 be Addicted
2 comments
Read More

14 Year Old Hacker Hired by Microsoft after doing phishing via Call of Duty Server

14 Year Old Hacker Hired by Microsoft after doing phishing via Call of Duty Server   These are the kinds of things dreams are made of, a 14 year old hacker on Call of Duty was just recruited by Microsoft. You heard me right, Microsoft. This is exactly what Sony should have done with George Hotz – given him a job as a security specialist, instead of suing him in court and getting its PlayStation Network and other Sony websites hacked day in and out. Microsoft is reported to be working with the 14-year-old Irish hacker who managed to stir up a little trouble with his Call of Duty: Modern Warfare 2 phishing scam alert. According to the managing director of Microsoft of Ireland, the company is helping the hacker “develop his talent for legitimate purposes.” Congrats to that young hacker, whose name was not disclosed. While the new prospect for the Dublin kid is not meant to be an example for other hackers to follow, companies do have to realize that the...
Post a Comment
Read More