
How a $100 Gadget Can Hijack GM Cars

Samy Kamkar has struck again.

The Los Angeles-based white-hat hacker, whom we last encountered when he used a kid's toy to open garage doors, has built a $100 device that intercepts the signals from a driver's smartphone and uses them to unlock the doors, honk the horn or even start the engine of the victim's General Motors vehicle.

This isn't as serious as the flaw revealed last week in Fiat Chrysler vehicles, which let hackers remotely cut the brakes or disable the transmission of cars and trucks equipped with Chrysler's Uconnect service. (Under pressure from government regulators, Fiat Chrysler issued a recall of 1.4 million vehicles last Friday.) But it once again demonstrates the risks inherent in connecting cars to the Internet, risks that car makers often don't fully consider.

"Fortunately, the issue [with the OnStar hack] lies with the mobile software, and is not a problem with the vehicles themselves," Kamkar said in a YouTube video he posted today (July 30). "GM and OnStar have so far been receptive to me, and are already working on a resolution to protect consumers."

A GM spokesperson told Wired News earlier today that the problem had already been fixed, but Kamkar tweeted that it hadn't.

The problem lies in GM's OnStar RemoteLink app, which has encryption flaws that let malicious Wi-Fi hotspots intercept its signals and steal the user's username and password. Kamkar built a small battery-powered computer that does just that, using parts that add up to about $100.

The catch is that the computer, which Kamkar cheekily dubbed "OwnStar," has to be within Wi-Fi range of a specific vehicle's driver's phone: say, for example, under the seat or strapped to a bumper.

It captures the credentials for the driver's OnStar connection by pretending to be a "known" Wi-Fi hotspot, such as "attwifi," then sends the credentials via cellular network to the attacker's own phone.

The attacker then uses his own OnStar RemoteLink app to connect to the victim's car over a cellular network. Just like the true owner, the attacker can unlock the doors, turn on the lights, honk the horn, locate the vehicle or even start the engine. He can't drive away, however; that requires an actual key or keyfob.

"To prevent this kind of attack," Kamkar says in the video, "I suggest not opening the RemoteLink app up until an update has been provided from OnStar."

Another way to reduce the chances of an attack would be for users of the OnStar app to turn off Wi-Fi on their phones when they leave the house. They'll still be able to use the OnStar app without Wi-Fi.

Kamkar plans to provide further details on OwnStar next weekend at the DEF CON hacker conference in Las Vegas.

Paul Wagenseil is a senior editor at Tom's Guide focused on security and gaming. Follow him at @snd_wagenseil. Follow Tom's Guide at @tomsguide, on Facebook and on Google+.
