BrianKrebs on Nostr: Heads up to Kia owners/potential buyers: Today, a group of independent security ...
Heads up to Kia owners/potential buyers: Today, a group of independent security researchers revealed that they'd found a flaw in a web portal operated by the carmaker Kia that let the researchers reassign control of the internet-connected features of most modern Kia vehicles—dozens of models representing millions of cars on the road—from the smartphone of a car’s owner to the hackers’ own phone or computer. By exploiting that vulnerability and building their own custom app to send commands to target cars, they were able to scan virtually any internet-connected Kia vehicle’s license plate and within seconds gain the ability to track that car’s location, unlock the car, honk its horn, or start its ignition at will.
https://www.wired.com/story/kia-web-vulnerability-vehicle-hack-track/Published at
2024-09-26 16:56:27Event JSON
{
"id": "51cbecbd576d98104ffa60199e00d0eb647c16b492e5ca2c1477138352b79040",
"pubkey": "1a5ac5b37984c5e37a11bc914029a81f025326ea7950c9475d9a3f21a494cb56",
"created_at": 1727369787,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/briankrebs/statuses/113204906425133168",
"activitypub"
]
],
"content": "Heads up to Kia owners/potential buyers: Today, a group of independent security researchers revealed that they'd found a flaw in a web portal operated by the carmaker Kia that let the researchers reassign control of the internet-connected features of most modern Kia vehicles—dozens of models representing millions of cars on the road—from the smartphone of a car’s owner to the hackers’ own phone or computer. By exploiting that vulnerability and building their own custom app to send commands to target cars, they were able to scan virtually any internet-connected Kia vehicle’s license plate and within seconds gain the ability to track that car’s location, unlock the car, honk its horn, or start its ignition at will.\n\nhttps://www.wired.com/story/kia-web-vulnerability-vehicle-hack-track/",
"sig": "f44610554c5cc1505cbb7c74a7ce57e1bda8986d9489c4a4f9191a05e737d118e4be0689c89b6b30e4cc7aee79985ebe8b3c50cc2f16626c0b3be61a3697066c"
}