Friday, December 8, 2023

Modern Cars are Vulnerable to Hacking and Malware Attack

Today convicted Modern cars are using a lot of technology and it always connected with internet that makes it extremely vulnerable and easy to compromise using Malware attacks and other security flaws that presented in the IoT Devices that connected with Modern cars.

Connected cars are rapidly increasing and multiple IoT devices are connected to the car that needs to communicate remotely in order to operate the users from Wifi and other drive assistance.

Automotive security field involved with a lot of security risks since Modern cars are exposed a lot of vulnerability that leads to face the High-security risks as other connected devices.

Also Read: Beware – Dangerous IoT Attacks Leads Some One to Hack and Control Your Car

Major Modern Cars Security Risk

Modern Cars
Image Courtesy: McAfee

Vehicle-to-Vehicle Communications

Vehicle-to-Vehicle Communications is established using Wireless network that allows making two vehicle’s successful communication on road and it allows to reduce the car speed if another vehicle comes closer.

In this case, Attacker could be abusing the flaw in the wireless communication technology and reduce the car speed and invaded by destructive malware and the V2V system becomes a vector, a malicious actor could create malware to infect many connected cars.

Controller Area Network Backdoor

Many cars are using controller area network (CAN) that using to communicates with a vehicle’s electronic control unit (ECU), which operates many subsystems such as antilock brakes, airbags, transmission, audio system, doors, and many other parts—including the engine.

Modern cars are using Diagnostic Version 2 port that used to diagnose problems with Mechanics and this could be abused by CAN traffic and intercepted from the OBD port.

So external OBD device could be plugged into a car as a backdoor for external commands, controlling services such as the Wi-Fi connection and unlock the door.

Malware and Exploits

Modern cars technology allows to connect the car with our smartphones to our cars, we add functions such as phone calls, SMS, and music and audiobooks.

Recent powerful Malware and exploits could compromise the device and firmware that will lead to compromise the car devices.

Car Theft and Key Fob Hacking

Key fob hacking is a procedure to enable an attacker to enter the car without softening up. This system is generally used by hackers and should be possible effectively with modest equipment.

In this case, attacker blocks the signal from the wireless key and lock the car and also reply the signal to compromise the car.

According to McAfee Research, One variant of the attack uses a jammer to block the signal. The jammer interferes with the electromagnetic waves used to communicate with the vehicle, blocking the signal and preventing the car from locking, leaving access free to the attacker.

Personal Data and Tracking

Connected Cars are kept recording the more sensitive personal data about the drivers from the external devices such as hone, and can include contact details, SMS and calls history and even musical tastes that connected to the cars.

These data are used by the companies, cybercriminals, and Governments to use it for various purposes such as spying and tracking the people, marketing or insurance contracts.

Fake Car Data

Advanced data can be adjusted and faked. By adjusting information, for example, contamination tests or execution, organizations results to increase sales Additionally, drivers could change auto insights, for example, separate set out to trick insurance agencies or future purchasers.


Latest articles

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

SLAM Attack Gets Root Password Hash in 30 Seconds

Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat...

Akira Ransomware Exploiting Zero-day Flaws For Organization Network Access

The Akira ransomware group, which first appeared in March 2023, has been identified as...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles