Skip to main content

OnStar hacking issue resolved, General Motors says

onstar hacking issue resolved general motors says remotelink03 medium
About two weeks ago, a hacker exposed a vulnerability in General Motors’ OnStar telematics system that could allow ne’er-do-wells to remotely seize control of vehicles. GM has been implementing a fix to the problem, is now certain it is under control.

“We’re confident the issue is closed,” Terry Inch, GM’s OnStar chief, said in an interview with WardsAuto at a recent OnStar press event. GM began deploying its software fix almost immediately after the issue became public, and now believes the vulnerability has been completely eradicated.

Related Videos

Uncovered by researcher Sammy Kamkar, the vulnerability allowed hackers to break into a car’s onboard systems using the OnStar RemoteLink smartphone app. Chamber used a device positioned on the victim car to harvest credentials, and then use those credentials to mimic the app.

Since the app allows drivers to do things like remotely lock and unlock doors, or start the engine, those powers would be conferred to the hacker. GM has since added a patch that allows the OnStar system to check for fake access certificates, something it wasn’t programmed to do before.

“We feel the vulnerability is taken care of by downloading the new RemoteLink app,” GM’s Inch said. However, he cautioned that future hacking episodes are still possible, saying that “we can’t say something like this will never happen again.”

Inch said GM is always looking into ways to improve the system, including working with universities and government agencies to identify additional possible weak points, and to pre-empt any future hacker attacks.

The OnStar hack came hot on the heels of a vulnerability in Chrysler’s Connect infotainment system that allowed researchers Charlie Miller and Chris Valasek to remotely take control of a Jeep Cherokee. Fiat Chrysler Automobiles is recalling 1.4 million vehicles to implement a software fix.

Perhaps the most tech-heavy car on the market, the Tesla Model S, also became a victim recently. At the recent DefCon convention in Las Vegas, hackers Kevin Mahaffey and Marc Rogers claimed they were able to break into a Model S and control certain functions, including remotely shutting the car down.

As cars become increasingly connected and computerized, it seems the same vulnerabilities that plague smaller-scale electronic devices are creeping into dashboards. Consumers may soon have to decide if connectivity is worth the price of safety.

Editors' Recommendations

General Motors and Volkswagen are ignoring hybrids to go full electric
A 2019 Chevrolet Volt on the road.

It's always important to know when to pick your battles. Automakers are working to lower emissions in order to meet stricter regulations, but they're not all following the same strategy. While many automakers plan to use a mix of hybrids and all-electric cars, General Motors and Volkswagen will skip hybrids in order to focus on going fully electric, according to The Wall Street Journal.

That's largely due to the massive amounts of money GM and VW plan on investing in all-electric cars. GM has said it will launch 20 all-electric models by 2023, including U.S.-market models for Chevrolet and Cadillac. VW has planned a family of electric cars based on its new MEB platform, including a reincarnated Microbus that's due in 2022. The German automaker is also launching numerous electric cars under its other brands, including Audi and Porsche.

Read more
Tuners may have a big problem with Chevy’s mid-engine Corvette, report says
2020 mid-engined Chevrolet Corvette

The upcoming mid-engine 2020 Chevrolet Corvette C8 promises a new level of performance, but the aftermarket might hate it.

The next-generation Corvette will be the first to place its engine behind the driver, and that engine will be controlled by a "unique encrypted ECU system," according to Muscle Cars & Trucks (via Motor Authority). The encryption will prevent changes to the ECU software in pursuit of more horsepower, according to the report.

Read more
General Motors purges factories, staff, vehicle lineup to fund future tech
2018 Chevrolet Impala

General Motors is undertaking a massive cost-cutting plan aimed at freeing up cash to fund the development of technologies like electric powertrains and autonomous driving systems. But in the short term, GM appears set to purge many of the cars from its lineup as it closes factories that build them, while keeping more profitable trucks and SUVs in production.

"The actions we are taking today continue our transformation to be highly agile, resilient, and profitable, while giving us the flexibility to invest in the future," GM CEO Mary Barra said in a statement.

Read more