Sunday, December 8, 2024
HomeCyber Security NewsHacking Kia Cars Remotely with a License Plate

Hacking Kia Cars Remotely with a License Plate

Published on

SIEM as a Service

Cybersecurity researchers have uncovered a significant vulnerability in Kia vehicles that allowed hackers to remotely control key functions using nothing more than a car’s license plate.

This breach, discovered on June 11, 2024, exposed the potential for unauthorized access to personal information and vehicle control, raising serious concerns about automotive cybersecurity.

The Discovery

According to the Samcurry reports, the vulnerability was identified by a group of ethical hackers who had previously investigated security flaws in various car manufacturers.

- Advertisement - SIEM as a Service

Their latest findings revealed that attackers could execute remote commands on Kia vehicles equipped with specific hardware in as little as 30 seconds.

This breach did not require an active Kia Connect subscription, making it accessible to many vehicles.

Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Free Registration

How the Hack Works

The attack method involved entering a Kia vehicle’s license plate into a specially designed tool.

The tool then allowed the hacker to execute commands such as locking or unlocking doors, starting or stopping the engine, and even accessing the vehicle’s camera system.

The tool also enabled attackers to silently gather personal information, including the owner’s name, phone number, email address, and physical address.

HTTP Request to Unlock Car Door on the “owners.kia.com” website

POST /apps/services/owners/apigwServlet.html HTTP/2
Host: owners.kia.com
Httpmethod: GET
Apiurl: /door/unlock
Servicetype: postLoginCustomer
Cookie: JSESSIONID=SESSION_TOKEN;

Vehicles Affected

The breach affected several models across different years. Notable among them were the 2025 Carnival EX, SX, LX, and Hybrid versions, as well as the 2025 K5 and Sportage models.

The vulnerability allowed for remote lock/unlock and start/stop across these models.

Full high level attack flow
Full high level attack flow

The implications of this vulnerability were profound. An attacker could effectively take control of a vehicle without the owner’s knowledge or consent.

The ability to track vehicles and issue commands remotely posed significant risks to privacy and safety.

Hacking a car using just the license plate
Executing commands on the compromised vehicle
Executing commands on the compromised vehicle

Response from Kia

Upon discovering the vulnerability, the researchers promptly reported it to Kia. The company has since implemented fixes to address the security flaws.

Kia confirmed that there was no evidence of malicious exploitation of these vulnerabilities before they were patched.

This incident underscores the importance of ethical hacking in identifying and mitigating potential security threats.

The researchers involved in this discovery have previously worked on uncovering vulnerabilities in other car manufacturers, contributing significantly to automotive cybersecurity.

As vehicles become increasingly connected and reliant on digital systems, ensuring robust cybersecurity measures is paramount.

Manufacturers must prioritize security in their design processes and remain vigilant against emerging threats.

The revelation of this vulnerability serves as a stark reminder of the potential risks associated with connected vehicles.

While Kia has taken steps to rectify the issue, ongoing vigilance and proactive security measures are essential to protect consumers from similar threats in the future. 

Analyse AnySuspicious Links Using ANY.RUN's New Safe Browsing Tool: Try It for Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...