Hackers uncover serious vulnerabilities that let them remotely unlock and start cars

[Jan]

Serious security bugs allowed hackers to remotely unlock and start millions of cars

Yuga Labs security researchers discovered severe vulnerabilities in Hyundai's mobile apps and a smart vehicle platform used by multiple carmakers, both of which allowed hackers to remotely control several features.

The researchers detailed their exploits in two recent Twitter threads.

 

[gregmcc]

They discovered that the apps’ user validation was performed using the email address, included in the JSON body of POST requests.

Seriously?! The software developers should be fired. Security 101!

 

[Petec]

When it comes to non pc/server tech, security seems to be an afterthought.
Look at the stuff Barnaby Jack was exposing before they killed him he died from an "overdose".

 

[ubercal]

whats with developers and security or should i say lack of security.

 

[FiestaST]

Time to pop in the famous link, not fully related but defo counts.

Kia & Hyundai easily stolen.

Lol at Kia Boys

mybroadband.co.za

St. Louis preparing to sue Hyundai and Kia over rampant car thefts in the city

Car thefts have skyrocketed in St. Louis in recent months, with city leadership threatening lawsuits against Kia and Hyundai for an alleged defect that makes certain makes of the cars easier to steal. "Our drivers probably get about five of these things a day. Just Kias and Hyundais getting...

mybroadband.co.za

 

[Ipwn 4]

Nothing like rolling your own authentication.

 

[mypetcow]

Now that’s quite funny. I’d assume try do some security penetration testing before rolling it out…or not

 

[noxibox]

Just look at the insecure remotes they used for years. Cars have never been particularly secure.

 

[backstreetboy]

Gone in 50 seconds: Kia Edition

 

[~AoA~]