Skip to main content
  1. Home
  2. Cars
  3. News

OnStar hacking issue resolved, General Motors says

Stephen Edelstein
By

onstar hacking issue resolved general motors says remotelink03 medium
About two weeks ago, a hacker exposed a vulnerability in General Motors’ OnStar telematics system that could allow ne’er-do-wells to remotely seize control of vehicles. GM has been implementing a fix to the problem, is now certain it is under control.

“We’re confident the issue is closed,” Terry Inch, GM’s OnStar chief, said in an interview with WardsAuto at a recent OnStar press event. GM began deploying its software fix almost immediately after the issue became public, and now believes the vulnerability has been completely eradicated.

Uncovered by researcher Sammy Kamkar, the vulnerability allowed hackers to break into a car’s onboard systems using the OnStar RemoteLink smartphone app. Chamber used a device positioned on the victim car to harvest credentials, and then use those credentials to mimic the app.

Since the app allows drivers to do things like remotely lock and unlock doors, or start the engine, those powers would be conferred to the hacker. GM has since added a patch that allows the OnStar system to check for fake access certificates, something it wasn’t programmed to do before.

“We feel the vulnerability is taken care of by downloading the new RemoteLink app,” GM’s Inch said. However, he cautioned that future hacking episodes are still possible, saying that “we can’t say something like this will never happen again.”

Inch said GM is always looking into ways to improve the system, including working with universities and government agencies to identify additional possible weak points, and to pre-empt any future hacker attacks.

The OnStar hack came hot on the heels of a vulnerability in Chrysler’s Connect infotainment system that allowed researchers Charlie Miller and Chris Valasek to remotely take control of a Jeep Cherokee. Fiat Chrysler Automobiles is recalling 1.4 million vehicles to implement a software fix.

Perhaps the most tech-heavy car on the market, the Tesla Model S, also became a victim recently. At the recent DefCon convention in Las Vegas, hackers Kevin Mahaffey and Marc Rogers claimed they were able to break into a Model S and control certain functions, including remotely shutting the car down.

As cars become increasingly connected and computerized, it seems the same vulnerabilities that plague smaller-scale electronic devices are creeping into dashboards. Consumers may soon have to decide if connectivity is worth the price of safety.

Editors' Recommendations

Looking for a side hustle? Drive with Uber and start earning

An Uber driver conversing with her passengers.

Mercedes-Benz GLC-Class takes a subtle approach to tech

2023 mercedes benz glc class preview

Buick announces plan to go all-electric with stunning EV concept

Front three quarter view of the Buick Wildcat EV concept.

How do electric cars work? EV motors and batteries explained

Electric GT e-Crate Motor Tesla battery

Jeep built a monster electric prototype to show what EVs can really do off-road

Front three quarter view of the Jeep Magneto 2.0 EV concept

Lucid doubles down on horsepower with the Air Grand Touring Performance

Front three quarter view of the Lucid Air Grand Touring Performance EV.

Segway’s Engine Speaker makes your scooter sound like a Ferrari

Segway's Engine Speaker.

Inside the Vietnamese giant that wants to sell you your next EV

VinFast VF 8.

Tesla’s Shanghai workers reportedly sleeping at factory

The interior of a Tesla factory.

Off-roading in a plug-in Jeep is like hiking with A/C

2022 Jeep Grand Cherokee 4xe front three quarter trailside

Jeep Grand Cherokee 4xe first drive review: Do-it-all plug-in

The 2022 Jeep Grand Cherokee 4xe plug-in hybrid perched on a rock.

Mercedes-Benz EQS SUV is a luxury SUV for the family

mercedes benz eqs suv preview

The all-electric BMW i7 is a home theater on wheels

Front three quarter view of the 2023 BMW i7.