Car Hacker Working With GM To Fix OnStar Vulnerabilities

White-hat hacker demonstrates "OwnStar" on video

Connected cars promise better safety and security, but, like anything connected to a network, they can be susceptible to attacks from hackers.

And General Motors Companyis just the latest automaker in the news due to cyber security concerns.

Security researcher—or “white hat” hacker—Samy Kamkar has posted a video on YouTube showing him using a device called “OwnStar,” which allows an unauthorized user to access some of the functionality of GM’s OnStar system.

During the demonstration, he is able to unlock, remote start, and track the vehicle.

Fortunately, driving away isn’t on the menu, as the device can’t mimic a key fob. Gaining access to the vehicle requires an attacker to be near a user who opens their OnStar app, but the location of the actual vehicle is unimportant.

The video above includes a basic breakdown of how the attack works.

According to Kamkar, the exploit works indefinitely, and is possible due to a flaw in the mobile software, not the vehicle itself. And while he is set to present his findings during the Def Con hacking conference—scheduled for August 6 through 9 in Las Vegas—he says GM engineers have been proactive in working to solve the problem.

The news comes on the heels of a Fiat Chrysler Automobiles recall of 1.4 million vehicles that was prompted after Wired magazine demonstrated hackers taking control of a 2014 Jeep Cherokee.

And it’s only a matter of time before the next vehicle hack is revealed.

Also From Motor Authority
LaFerrari Demolishes Bugatti Veyron In Drag Race: Video
Concept Of Tesla Model X-Rivaling Audi Q6 Leaks Out Ahead Of Frankfurt Debut
Hardcore Ferrari F12 Spied, May Carry GTO Title
Audi A4 Vs. BMW 3-Series: Compare Cars