Researchers use malware CD to hijack a car

Researchers use malware CD to hijack a car

A researcher has managed to hack into a car using a malware-infected CD, it has been revealed.

Stefan Savage, professor of Computer Sciences at the University of California, headed up the research team claims that modern cars use a mash up of different third-party and OEM software that end up making the car vulnerable to hacking and hence carjacking.

Furthermore, he added that the operating systems being used in the vehicles are not as hard to compromise as others.

Simply by playing a malware bearing .WMA track from a CD inside the car, the researchers were able to gain access to that vehicle.

He said that playing 18 seconds of the track was all it took to take over the car's systems.

Speaking about the project, Mr Savage said: “For cars the OEM is not the developer, they are the integrator, so there are software supply chain issues. Source code is frequently not available, so code inspection does not work, since no party in the world has access to all of a car’s source code.

“A firewall is not going to do it, the architecture is too complex and cost really counts to these guys - saying ‘it’s only a $5 (£3.50) fix per car’ doesn’t cut it. That said, there could be a great tinfoil hat boutique business for hackers who want to pimp their cyber ride with a firewall.”

Mr Savage added that the only way to avoid such a carjacking is to have a remote updating system.

Share this post

Join our cloud community

Join our cloud community Sign up for email updates