Skip to main content
  1. Home
  2. Cars
  3. News

OnStar hacking issue resolved, General Motors says

Stephen Edelstein
By

onstar hacking issue resolved general motors says remotelink03 medium
Image used with permission by copyright holder
About two weeks ago, a hacker exposed a vulnerability in General Motors’ OnStar telematics system that could allow ne’er-do-wells to remotely seize control of vehicles. GM has been implementing a fix to the problem, is now certain it is under control.

“We’re confident the issue is closed,” Terry Inch, GM’s OnStar chief, said in an interview with WardsAuto at a recent OnStar press event. GM began deploying its software fix almost immediately after the issue became public, and now believes the vulnerability has been completely eradicated.

Recommended Videos

Uncovered by researcher Sammy Kamkar, the vulnerability allowed hackers to break into a car’s onboard systems using the OnStar RemoteLink smartphone app. Chamber used a device positioned on the victim car to harvest credentials, and then use those credentials to mimic the app.

Related

Since the app allows drivers to do things like remotely lock and unlock doors, or start the engine, those powers would be conferred to the hacker. GM has since added a patch that allows the OnStar system to check for fake access certificates, something it wasn’t programmed to do before.

“We feel the vulnerability is taken care of by downloading the new RemoteLink app,” GM’s Inch said. However, he cautioned that future hacking episodes are still possible, saying that “we can’t say something like this will never happen again.”

Inch said GM is always looking into ways to improve the system, including working with universities and government agencies to identify additional possible weak points, and to pre-empt any future hacker attacks.

The OnStar hack came hot on the heels of a vulnerability in Chrysler’s Connect infotainment system that allowed researchers Charlie Miller and Chris Valasek to remotely take control of a Jeep Cherokee. Fiat Chrysler Automobiles is recalling 1.4 million vehicles to implement a software fix.

Perhaps the most tech-heavy car on the market, the Tesla Model S, also became a victim recently. At the recent DefCon convention in Las Vegas, hackers Kevin Mahaffey and Marc Rogers claimed they were able to break into a Model S and control certain functions, including remotely shutting the car down.

As cars become increasingly connected and computerized, it seems the same vulnerabilities that plague smaller-scale electronic devices are creeping into dashboards. Consumers may soon have to decide if connectivity is worth the price of safety.

Editors' Recommendations

Topics
Stephen Edelstein
Stephen Edelstein
Contributing Editor
Stephen is a freelance automotive journalist covering all things cars. He likes anything with four wheels, from classic cars…
General Motors and Volkswagen are ignoring hybrids to go full electric
A 2019 Chevrolet Volt on the road.

It's always important to know when to pick your battles. Automakers are working to lower emissions in order to meet stricter regulations, but they're not all following the same strategy. While many automakers plan to use a mix of hybrids and all-electric cars, General Motors and Volkswagen will skip hybrids in order to focus on going fully electric, according to The Wall Street Journal.

That's largely due to the massive amounts of money GM and VW plan on investing in all-electric cars. GM has said it will launch 20 all-electric models by 2023, including U.S.-market models for Chevrolet and Cadillac. VW has planned a family of electric cars based on its new MEB platform, including a reincarnated Microbus that's due in 2022. The German automaker is also launching numerous electric cars under its other brands, including Audi and Porsche.

Read more
Tuners may have a big problem with Chevy’s mid-engine Corvette, report says
2020 mid-engined Chevrolet Corvette

The upcoming mid-engine 2020 Chevrolet Corvette C8 promises a new level of performance, but the aftermarket might hate it.

The next-generation Corvette will be the first to place its engine behind the driver, and that engine will be controlled by a "unique encrypted ECU system," according to Muscle Cars & Trucks (via Motor Authority). The encryption will prevent changes to the ECU software in pursuit of more horsepower, according to the report.

Read more
Mercedes-Benz EQG: range, price, release date, and more
Concept image of the larger electric G-Wagon

The G-Class is going electric. We already knew that Mercedes-Benz was working on an electric, small-size G-Wagon, but it looks like the company is also working on a larger G-Class SUV, in the form of the EQG. In fact, Mercedes has gone as far as to show off a concept version of the off-roader.

While there's much we don't know about what will become the production model of the EQG, Mercedes has also shared a lot about it. Curious about whether the Mercedes-Benz EQG could be the EV for you? Here's everything we know so far.
Design
Fear not -- the EQG will retain many of the design aspects of the G-Class that you already know and love but with a modern face-lift. The EQG will keep the boxy design that gives the G-Class a classic look but with some additional modern styling, at least if the concept version is anything to go by.

Read more