<!—->
Hackers were able to access real-time GPS data in some cases, and to remotely start and stop a vehicle in others
<!–
–> by Sebastien Bell
6 hours ago
–> 
by Sebastien Bell
–>
A wide variety of automakers were notified of major cybersecurity flaws in their vehicles by white hat hackers. The researchers discovered late last year that they could find owners’ personal information, find live GPS data, and even start and stop some vehicles remotely.
The hackers disclosed these weaknesses to the automakers (and others), who have all responded and attempted to remedy the security flaws. The hackers, led by Sam Curry, have now written up their findings in a blog post.
They found vulnerabilities of varying degrees in vehicles from Hyundai, Genesis, Kia, Honda, Infiniti, Nissan, Acura, Mercedes, BMW, Rolls-Royce, Ferrari, Ford, Porsche, Toyota, and Jaguar Land Rover. In addition, companies like Reviver, which produces digital license plates, were also found to have cybersecurity issues.
Read: Hackers Could Remotely Unlock, Start Honda, Nissan, Infiniti, And Acura Cars Through SiriusXM
These varied from the ability to access “mission-critical internal applications,” in the case of Mercedes, to being able to remotely lock and unlock a vehicle, start and stop engines, flash headlights, honk horns, and more in Hyundai and Genesis vehicles.
In Ferraris, meanwhile, the hackers were able to access customer records, change Ferrari-owned web pages, and takeover customer accounts. That meant that hackers could gain access to personal information, such as addresses, and more.
advertisement scroll to continue
Alarmingly, the hackers were able to find live Porsche vehicle locations, send commands to those vehicles, and retrieve customer information. Similarly, Reviver, the makers of digital license plates, could also be hacked to give up GPS data and user records. The researchers could have even marked vehicles with these plates as stolen, putting owners at risk of being treated as thieves by the police.
Although all of the vulnerabilities found by these hackers have been remedied by the automakers, their existence highlights the security gaps that exist in many modern automobiles. Speaking to BleepingComputer, Curry had the following advice for owners:
“When purchasing a used car, make sure that the prior owner’s account has been removed,” said Curry. “Use strong passwords and set up 2FA (two-factor authentication) if possible for apps and services which link to your vehicle.”
