Home Technology Kia website flaw meant cars could be hacked, say researchers

Kia website flaw meant cars could be hacked, say researchers

31
0


Last week, a team of independent security researchers published their discovery of a flaw in the car brand Kia’s web portal. It could be exploited to track and remotely control dozens of models.

Thanks to the vulnerability on the website, the researchers could hack a car in about 30 seconds, just by using its license plate. It did not matter if the car had an active Kia Connect subscription or not.

If the car was connected to the internet, it could have the power to track its location, unlock its door, and start the ignition remotely. The hackers were not able to actually move the vehicles, however, nor could they control the steering and brakes.

They were able to acquire customers’ names, phone numbers, email and home addresses though. Most modern vehicle models made after 2013 were susceptible in some capacity.

The group tested the hacks on rental cars and those owned by friends. It worked every single time.

One of the hackers, Sam Curry, told WIRED: “If someone cut you off in traffic, you could scan their license plate and then know where they were whenever you wanted and break into their car.

“If we hadn’t brought this to Kia’s attention, anybody who could query someone’s license plate could essentially stalk them.”

What has Kia done about the bug?

They alerted Kia to these problems when they discovered them back in June this year. WIRED reports that: “Kia appears to have fixed the vulnerability in its web portal, though it told WIRED at the time that it was still investigating the group’s findings and hasn’t responded to WIRED’s emails since then.”

This isn’t a new problem, nor is it the end for potential car hackings. The same group of researchers discovered other bugs in the last few years, affecting Hondas, Hyundais, BMWs, and more.

As Curry concluded on his blog: “Cars will continue to have vulnerabilities because, in the same way that Meta could introduce a code change which would allow someone to take over your Facebook account, car manufacturers could do the same for your vehicle.”

Feature image credit: Sam Curry

The post Kia website flaw meant cars could be hacked, say researchers appeared first on ReadWrite.





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here