Latest in Car

Image credit:

OnStar hack remotely starts cars, GM working on a fix

Share
Tweet
Share

Sponsored Links

Hacker Samy Kamkar unveiled his latest triumph this morning: OwnStar, a tiny box that acts as a Wi-Fi hotspot and intercepts commands sent from a driver's OnStar RemoteLink app, allowing an unauthorized user to locate, unlock or start the vehicle. Simply place the box somewhere in an OnStar-connected car and wait for the driver to start up the RemoteLink app within range of the vehicle. The driver's smartphone should automatically connect to OwnStar's network and, voila, the hacker now has all of the car owner's information (email, home address, final four digits on a credit card plus expiration date), and control of the car. GM has already issued one patch this morning aimed at securing the RemoteLink app, but it was unsuccessful, according to Kamkar.

Kamkar never intended to wreak havok with OwnStar, he said in an interview with Wired. He wanted to expose a vulnerability in the OnStar app and help GM fix it -- and it seems as if that's precisely what's happening. GM is working to patch the RemoteLink bug now and Kamkar says he's in contact with the company as they fix it. He plans to reveal more technical details about OwnStar at Defcon 2015, which runs from August 6th to the 9th in Las Vegas.

This is the second major car-based hack to surface this month. On July 24th, Fiat Chrysler issued a voluntary recall of 1.4 million US vehicles with certain touchscreen entertainment systems, after Wired reported that it was possible to remotely cut the engine, disable and activate the brakes, and track the location of these cars.

In this article: car, gm, hack, OnStar, ownstar, remotelink
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Engadget's 2020 Back-to-School Guide

Engadget's 2020 Back-to-School Guide

View
The Morning After: Google's $350 Pixel 4a is the best midrange phone you can buy

The Morning After: Google's $350 Pixel 4a is the best midrange phone you can buy

View
A $13,000 electric car will go on sale in the US by late 2020

A $13,000 electric car will go on sale in the US by late 2020

View
'Avengers: Endgame' directors will make Netflix's most expensive film yet

'Avengers: Endgame' directors will make Netflix's most expensive film yet

View
China won't accept 'theft' of TikTok, according to state newspaper

China won't accept 'theft' of TikTok, according to state newspaper

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr