OnStar hack remotely starts cars, GM working on a fix

Sponsored Links

Jessica Conditt
July 30, 2015 1:58 PM
In this article: car, gm, hack, OnStar, ownstar, remotelink
OnStar hack remotely starts cars, GM working on a fix

Hacker Samy Kamkar unveiled his latest triumph this morning: OwnStar, a tiny box that acts as a Wi-Fi hotspot and intercepts commands sent from a driver's OnStar RemoteLink app, allowing an unauthorized user to locate, unlock or start the vehicle. Simply place the box somewhere in an OnStar-connected car and wait for the driver to start up the RemoteLink app within range of the vehicle. The driver's smartphone should automatically connect to OwnStar's network and, voila, the hacker now has all of the car owner's information (email, home address, final four digits on a credit card plus expiration date), and control of the car. GM has already issued one patch this morning aimed at securing the RemoteLink app, but it was unsuccessful, according to Kamkar.

Kamkar never intended to wreak havok with OwnStar, he said in an interview with Wired. He wanted to expose a vulnerability in the OnStar app and help GM fix it -- and it seems as if that's precisely what's happening. GM is working to patch the RemoteLink bug now and Kamkar says he's in contact with the company as they fix it. He plans to reveal more technical details about OwnStar at Defcon 2015, which runs from August 6th to the 9th in Las Vegas.

This is the second major car-based hack to surface this month. On July 24th, Fiat Chrysler issued a voluntary recall of 1.4 million US vehicles with certain touchscreen entertainment systems, after Wired reported that it was possible to remotely cut the engine, disable and activate the brakes, and track the location of these cars.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
View All Comments
OnStar hack remotely starts cars, GM working on a fix