Print 33 comment(s) - last by JediJeb.. on Feb 10 at 2:59 PM

The device will be presented at the Black Hat Asia security conference in Singapore next month

A team of Spanish security researchers is out to beef up auto security by showing its ability to hack a car with a device the size of your hand. 
According to Forbes, security researchers Javier Vazquez-Vidal and Alberto Garcia Illera plan to show a new device they've built at the Black Hat Asia security conference in Singapore next month -- and they're hoping it will be a wake-up call for the auto industry.
The device is called the CAN Hacking Tool (CHT) and it attaches via four wires to the Controller Area Network or CAN bus of a vehicle. It draws power from the car’s electrical system and allows an attacker to send wireless commands remotely from a computer. 
The researchers say it's as easy as lifting the hood real quick or simply sliding under the car to attach the device to a vehicle and walk away. 
From there, the attacker could switch off headlights, set off alarms, roll windows up and down, and access anti-lock brakes or emergency brakes. The researchers have already tested it on four different vehicles, although they won't reveal which makes and models.

CHT [SOURCE: Forbes]

For right now, the device only works using Bluetooth, which means it can be controlled from just a few feet away. But the research team said that by the time the conference rolls around next year, it will implement a GSM cellular radio, which will allow remote control of the vehicle from a few miles away. 
“It can take five minutes or less to hook it up and then walk away,” said Vazquez-Vidal. “We could wait one minute or one year, and then trigger it to do whatever we have programmed it to do.”
What makes matters worse is that the items needed to build the device can all easily be bought from store shelves, and costs under $20 total. 
Also, it's nearly impossible to trace the attacker, according to the researchers.
The team said they built the device to show automakers what attackers are capable of, and to call for greater security in cars, which are becoming increasingly connected and more vulnerable to hacks. 
“The goal isn’t to release our hacking tool to the public and say ‘take this and start hacking cars,’” says Vazquez-Vidal. “We want to reach the manufacturers and show them what can be done.”

Source: Forbes

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Lol what?
By Dr of crap on 2/6/2014 12:24:46 PM , Rating: 3
I agree with your last two items.
But the first one you are wrong.
None of my four cars is immobile or sets of an alarm if the hood is opened. BUT you'd need to have a door open so you could get inside to release the hood lock.

I agree this is a load of crap.

WHERE can you just hook up to the CAN under the car???

RE: Lol what?
By Etsp on 2/6/2014 1:52:05 PM , Rating: 2
I think the alarm/immobile thing comes into play if the doors weren't properly unlocked when the hood lock gets released.

By "properly" I mean by either using the key in the door or using the button on the key fob.

RE: Lol what?
By JediJeb on 2/6/2014 3:49:25 PM , Rating: 2
BUT you'd need to have a door open so you could get inside to release the hood lock.

If you try hard enough, on some you can use a pair of needle nose pliers and reach in and grab the hood latch cable and pull it just right and unlock the hood. It is not easy, but also not impossible.

RE: Lol what?
By flatrock on 2/7/2014 9:11:29 AM , Rating: 2
I just read an article on Car and Driver which contained an interesting hack among a lot of fluff and some inaccuracies.

Apparently some Swiss researchers cam up with the idea of using a directional antenna and a radio repeater to extend the range of a car's key fob. They didn't break the encryption or create their own fob for access, but while you are across the parking lot headed into a building they can make your car think you are standing right next to the door, and just press the button on the handle to unlock the door.

Stick a ELM327 wifi dongle into the CAN port and they are in business. Use a directional wifi antenna and they can communicate with the CAN bus from another vehicle without much difficulty.

It requires proximity and leave evidence behind, but it's still a bit scary.

"Google fired a shot heard 'round the world, and now a second American company has answered the call to defend the rights of the Chinese people." -- Rep. Christopher H. Smith (R-N.J.)
Related Articles

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki