Virtually all new cars have smart features, an in-dash screen and an internet connection; they’re basically smartphones on wheels, which also means their issues are starting to be similar.
[Millones de móviles tienen un problema de seguridad que las marcas no han querido solucionar]
In the same way that a “bug” in an application can expose our smartphone and allow entry without our permission, cars are also in danger, as the Yuga Labs Security Researchers.
Security hole in the Hyundai app
Like many other manufacturers, Hyundai has an official application for Android, which allows direct connection to our car to access information and some advanced features, depending on the model.
The researchers found that this application had very similar problems to those already encountered in the SiriusXM platform, used by many manufacturers in the United States in brands such as Acura or Infinity (owned by Honda and Nissan respectively).
Although the specific failure has not yet been made public, the researchers were able to provide a general explanation of why this application was not secure. Basically, if an attacker gets intercept the communication between our mobile and the caryou can access all the data necessary to impersonate us and take control of the vehicle.
The Hyundai app had a major security flaw
During the study, the researchers analyzed the data transferred between the app and the car’s internal system, and found that the car only requires email address of the user to verify who it is. It’s not just that it’s relatively easy to understand, it’s that the app itself already transmits the email address during communication, so you just have to copy it to use it.
In their tests, the researchers were able to unlock the doors of a Hyundai car mere seconds after the onset of the attack; Not only that, but they had access to all the features of the app, including the ability to start the engine. Therefore, in a short period of time, a thief could take our car, without any sort of struggle or anything suspicious.
Hyundai app bug unlocked car
The good news is that Hyundai has already updated the app to fix this security issue, so as long as we keep the app up to date, we shouldn’t be at risk. But it reminds of the new challenges faced by car manufacturers, who now also have to take cybersecurity into account in their products.
You may be interested
Follow the topics that interest you
