Hackers finding ways to exploit automotive software to overtake cars


A new report from IntSights details the many ways cybercriminals break into a new generation of highly digitized cars.

The AT&T Harman Spark is a connected car device and app
This device turns any car manufactured in 1996 or later into a connected vehicle with emergency crash assistance, vehicle diagnostics, location information, roadside assistance and even a Wi-Fi hotspot.

Over the last ten years cars have become packed full of new technology that makes it easier to play music and movies, take calls, or get directions all from your dashboard. But this digitization has come at a cost, giving cybercriminals a seemingly endless amount of access points to take over vehicles.

Cybersecurity firm IntSights recently released, “Under The Hood: Cybercriminals Exploit Automotive Industry’s Software Features,” a study on how hackers are managing to get into cars and do damage.

The study notes that hackers have infiltrated automotive systems and hardware since 2010.

“The pressure to deliver products as fast as possible puts a big strain on vehicle security capabilities, manufacturing facilities, and automotive data. Industry leaders have since come to understand that cybercrime threats to cars were not as far-fetched as originally thought,” the report said. “IntSights discovered easy-fo-find online shops that sell car hacking tools on the clear web. These online shops sell services that disconnect automobile immobilizers, as well as services that sell code grabbers and forums that give bad actors a complete tutorial on how to steal vehicles.” 

The IntSights report said most car hacking tools can be found on websites or forums like Omerta.cc, Sindikat, Nulled.to, Carmasters.org, Autoteamsforums.ru, ffffff.ru, and Dublikat, which provide a wealth of information, tools, code grabbers, and tutorials. There are also a bevy of Russian sites offering help like forum.grabbs.org, Migalki.pw, and…