By Victoria Woollaston
PUBLISHED: 08:36 EST, 6 February 2014 | UPDATED: 08:37 EST, 6 February 2014
Not content with stealing your personal information, hackers could soon take control of your car - using a homemade gadget that is smaller than an mobile phone.
Called the CAN Hacking Tool (CHT), the device can be fitted to any car's Controller Area Network 'within minutes' and run malicious code through the vehicle's system.
Once hackers take hold of this network they can control lights, locks, steering and even brakes - and the it costs just $20 (£12).
HOW DOES THE CAN HACKING TOOL WORK?
The gadget was created by Spanish security researchers Javier Vazquez Vidal and Alberto Garcia Illera.
It was previously showcased at last year's Black Hat conference in Las Vegas, and now the developers plan to demonstrate the device during the Singapore version of the event in March.
'It can take five minutes or less to hook it up and then walk away,' Vazquez Vidal told Forbes. 'We could then trigger it to do whatever we have programmed it to do.'
Many cars come with built-in software that run on an operating system in a similar way to phones and computers.
The tool has four wires that are attached to the different outputs of a car's controller network.
A $1 computer chip is used to bypass any encryption on the car before reading and writing data from the flash memory of the vehicle's engine control unit.
The gadget is smaller than an iPhone, meaning it sits in the palm of the hacker's hand, and can be controlled remotely.
Hackers can use any command they want to program an action via the CHT, and this includes disabling the brakes, deploying the airbag, locking the doors and enabling the alarm.
Vazquez Vidal and Garcia Illera's gadget is not the first example of hackers exploiting the vulnerability of car systems and software.
Using a laptop wirelessly connected to a car's electronics, Indiana security engineers Charlie Miller and Chris Valasek were able to remotely control the brakes, the accelerator, change the speedometer, switch the headlights on and off, tighten the seatbelts and even blast the horn i nside a Toyota Prius and Ford Escape.
Their project was funded by a grant from the U.S Defense Advanced Research Projects Agency to highlight the security risks affecting modern-day cars.
By hacking the network in the two cars, and exploiting Bluetooth bugs, the software became hackable and the researchers said it was possible to send remote code executions from a mobile device.
Remote code executions let people remotely control the car's features.
Toyota previously said it 'wasn't impressed' with Miller and Valasek's hack and claimed its systems were robust and secure.
A Ford spokesman said they were taking the hack 'very seriously'.
Researchers from the University of Washington and the University of California, San Diego were the first to publish findings into hacking software in cars in 2010.
Valasek said: ' Academics have shown you can get remote code execution. We showed you can do a lot of crazy things once you're inside.'
VIDEO: Forbes' Andy Greenberg takes a test ride in the hacked car
No comments:
Post a Comment