Wednesday, May 22, 2024

Modern Cars are Vulnerable to Hacking and Malware Attack

Today convicted Modern cars are using a lot of technology and it always connected with internet that makes it extremely vulnerable and easy to compromise using Malware attacks and other security flaws that presented in the IoT Devices that connected with Modern cars.

Connected cars are rapidly increasing and multiple IoT devices are connected to the car that needs to communicate remotely in order to operate the users from Wifi and other drive assistance.

Automotive security field involved with a lot of security risks since Modern cars are exposed a lot of vulnerability that leads to face the High-security risks as other connected devices.

Also Read: Beware – Dangerous IoT Attacks Leads Some One to Hack and Control Your Car

Major Modern Cars Security Risk

Modern Cars
Image Courtesy: McAfee

Vehicle-to-Vehicle Communications

Vehicle-to-Vehicle Communications is established using Wireless network that allows making two vehicle’s successful communication on road and it allows to reduce the car speed if another vehicle comes closer.

In this case, Attacker could be abusing the flaw in the wireless communication technology and reduce the car speed and invaded by destructive malware and the V2V system becomes a vector, a malicious actor could create malware to infect many connected cars.

Controller Area Network Backdoor

Many cars are using controller area network (CAN) that using to communicates with a vehicle’s electronic control unit (ECU), which operates many subsystems such as antilock brakes, airbags, transmission, audio system, doors, and many other parts—including the engine.

Modern cars are using Diagnostic Version 2 port that used to diagnose problems with Mechanics and this could be abused by CAN traffic and intercepted from the OBD port.

So external OBD device could be plugged into a car as a backdoor for external commands, controlling services such as the Wi-Fi connection and unlock the door.

Malware and Exploits

Modern cars technology allows to connect the car with our smartphones to our cars, we add functions such as phone calls, SMS, and music and audiobooks.

Recent powerful Malware and exploits could compromise the device and firmware that will lead to compromise the car devices.

Car Theft and Key Fob Hacking

Key fob hacking is a procedure to enable an attacker to enter the car without softening up. This system is generally used by hackers and should be possible effectively with modest equipment.

In this case, attacker blocks the signal from the wireless key and lock the car and also reply the signal to compromise the car.

According to McAfee Research, One variant of the attack uses a jammer to block the signal. The jammer interferes with the electromagnetic waves used to communicate with the vehicle, blocking the signal and preventing the car from locking, leaving access free to the attacker.

Personal Data and Tracking

Connected Cars are kept recording the more sensitive personal data about the drivers from the external devices such as hone, and can include contact details, SMS and calls history and even musical tastes that connected to the cars.

These data are used by the companies, cybercriminals, and Governments to use it for various purposes such as spying and tracking the people, marketing or insurance contracts.

Fake Car Data

Advanced data can be adjusted and faked. By adjusting information, for example, contamination tests or execution, organizations results to increase sales Additionally, drivers could change auto insights, for example, separate set out to trick insurance agencies or future purchasers.


Latest articles

Hackers Claiming Access to Qatar National Bank Database

A group of hackers has claimed to have accessed the database of Qatar National...

Cloud-Based Malware Attack Abusing Google Drive & Dropbox

A phishing email with a malicious zip attachment initiates the attack. The zip contains...

OmniVision Technologies Cyber Attack, Hackers Stolen Personal Data in Ransomware Attack

OmniVision Technologies, Inc. (OVT) recently disclosed a significant security breach that compromised its clients'...

Critical Flaw In Confluence Server Let Attackers Execute Arbitrary Code

The widely used team workspace corporate wiki Confluence has been discovered to have a...

Threat Actors Leverage Bitbucket Artifacts to Breach AWS Accounts

In a recent investigation into Amazon Web Services (AWS) security breaches, Mandiant uncovered a...

Hackers Breached Western Sydney University Microsoft 365 & Sharepoint Environments

Western Sydney University has informed approximately 7,500 individuals today of an unauthorized access incident...

Memcyco Report Reveals Only 6% Of Brands Can Protect Their Customers From Digital Impersonation Fraud

Memcyco Inc., provider of digital trust technology designed to protect companies and their customers...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles