Kaspersky focused on breaking Android connected car apps, as iOS phones are apparently less easy to hack. The researchers discovered that seven of nine connected car apps they tested were hackable. The two primary means of hacking the software were rooting and adding software to the phone.
With a rooted phone, hackers could gain access to the phone’s operating system to make changes or to access private information. Other hacking approaches entail fooling owners into downloading either previously hacked versions of the connected car software, or malware that detects when a connected car app launches. In any case, the aim would be to obtain login credential for the car app.
The researchers did not make public the specific apps they tested, preferring not to pass on any tips to hackers and thieves. They reported that the hacked apps would allow entry to the vehicles, but not start and drive them away. That could however be fine with many thieves. Identity theft is often the primary purpose of car break-ins, Chris McDonald, Chair of the Vehicle Crimes Committee, International Association of Chiefs of Police told Digital Trends.
The Kaspersky researchers told Wired they informed car companies about the security issues, which aren’t bugs, but a lack of defense. “Why don’t connected car application developers care about security as much as the developers of banking applications?” asks Kaspersky researcher Viktor Chebyshev. “They’re also controlling very valuable things for the user, but they’re not thinking about security mechanisms.”
Editors' Recommendations
- This $3 USB adapter fixed all of my Apple CarPlay connection problems
- Cash App breach impacts millions of U.S. customers
- I installed Android apps on a Surface Pro 8, and it felt on par with an iPad
- Sideloading Android apps in Windows 11 might be easier thanks to Amazon
- The best car-sharing apps for Android and iOS
