Flaw in Kia’s web portal let researchers track, hack cars
When security researchers in the past found ways to hijack vehicles’ Internet-connected systems, their proof-of-concept demonstrations tended to show, thankfully, that hacking cars is hard. Exploits like the ones that hackers used to remotely take over a Chevrolet Impala in 2010 or a Jeep in 2015 took years of work to develop and required ingenious tricks: reverse engineering the obscure code in the cars’ telematics units, delivering malicious software to those systems via audio tones played over radio connections, or even putting a disc with a malware-laced music file into the car’s CD drive.
This summer, one small group of hackers demonstrated a technique to hack and track millions of vehicles that’s considerably easier—as easy as finding a simple bug in a website.