It looks like you're using an Ad Blocker.

Please white-list or disable in your ad-blocking tool.

Thank you.


Some features of ATS will be disabled while you continue to use an ad-blocker.


Zero-day exploit lets hackers remotely force cars off the road

page: 1

log in


posted on Jul, 22 2015 @ 10:15 AM
Well this is scary, especially considering I'm a recent owner of a 2014 Jeep wrangler. Apparently, 'the attack is possible thanks to a system in most Chrysler models called UConnect, which largely computerizes the car and allows a lot of cool features by connecting to a centralized hub, accessible through a WiFi hotspot.' Nope, these aren't even those self-driving, all electric, vehicles either. It's just a plain old (modern) vehicle.

Armed with nothing more than the car’s IP address, this exploit allows infiltration of the car’s internal network via the WiFi hotspot, allowing the firmware to be completely rewritten to grant access to the car’s physical controls — the steering, brakes, accelerator, and more. Some of these can be controlled directly, other simply disconnected, but all are critical to road safety.


I get why companies want to add such systems to their products. The features can be great, useful, and even safer. However, in this day and age where the population of talented hackers is ever-growing, these systems seem almost irresponsibly ignorant and potentially dangerous rather than in any way useful.

This is not dissimilar to the recent "professional hacker attack" on a giant yacht where “GPS spoofing” was recently able to gently steer a ship without the crew noticing.

Without needing a physical connection, or even a password, hackers have managed to remotely control a car on the highway. The demonstration was organized by two security researchers for Wired‘s Andy Greenberg, as they hacked into his Jeep Cherokee and took the wheel, via the internet. First they demonstrated peripheral access, controlling the fans, stereo, windshield wipers, and wiper fluid. Then the attack got serious.

Purely remotely, and not having had physical access to the car at any prior point, the attackers were able to inactivate the transmission, disconnecting the engine from the drive train and functionally putting the car into neutral. The exploit can also control with the car’s brakes, but in their initial attack the hackers chose to let Greenberg bring himself to a stop on an operational freeway on-ramp. The journalist was forced to call and ask the hackers to let up, his safety now dependent on a stranger’s willingness to voluntarily refrain from exploiting a vulnerability that exists in every Jeep Cherokee currently on the road — and potentially in every other modern Chrysler vehicle, given some basic tweaks to the attack.

They were even taunting the driver via the microphones and displays in the vehicle

This isn't really a new thing. Hackable computers are everywhere, and with varying consequences. We can hack into our refrigerators and change the temperature, spoiling the food. And we have systems where we can unlock our front door or turn on/off the oven via our phones.

At what point does convenience become more of a burden?
edit on 22/7/15 by Ghost147 because: (no reason given)

posted on Jul, 22 2015 @ 10:27 AM
a reply to: Ghost147

Imagine if Chinese, North Korean and other foreign Hackers were to use this in event of hostilities against the US.

posted on Jul, 22 2015 @ 10:30 AM
Only one of the many reasons I will not buy a new car. Too many computer controlled, completely unnecessary, gadgets, that are vulnerable to attack. The more "conveniences" it has, the more to go wrong and costlier to repair. Impossible for the DIY mechanic to work on, short of an oil change and so many other things it's just not worth going in to.

posted on Jul, 22 2015 @ 10:37 AM
1970 Chevelle, old school muscle; no tracking, no computer (just stock up on spare parts before they are gone….)

posted on Jul, 22 2015 @ 10:43 AM
electrical and electronics has always been Chrysler's weak point. My last was a 2000 Grand Cherokee. Great vehicle but everything from the horn to the heated seats was an issue. less than a year and it was gone because the wife refused to drive it any further . I kind of thought the thing was possessed really.

posted on Jul, 22 2015 @ 10:48 AM
a reply to: Ghost147

I knew a self taught computer enthusiast/hacker in the '90s who remove the eprom(?) chips from cars and improve their capabilities for performance...I wonder what he could do now !!?!!

posted on Jul, 22 2015 @ 10:53 AM
I think they would have to hack specific satellites or be on the ground in our country to effectively hack cars.

a reply to: starwarsisreal

posted on Jul, 22 2015 @ 11:17 AM
a reply to: Ghost147

Here IS the original article.

If you watch the vid and read the article.

This isn't out yet.

They have been working with Chrysler to get this patched.

however they will be presenting this at defcon.

There is a usb patch for the hack. And it seems you need to have uconnect in your car to be able to do the hack.

Now this does bring into question do agencies like the CIA know about this?
Are some of the accidents that have happened to high profile people investigating government wrong doing intentional? Is this a deliberate back door that was left open for people to exploit?

edit on 22-7-2015 by grey580 because: (no reason given)

posted on Jul, 22 2015 @ 11:40 AM
a reply to: grey580

Ah, thanks for the link! When I read the article, I too thought the same thing. Who and what agencies know about things like this, and which ones are taking advantage of it?

posted on Jul, 22 2015 @ 12:00 PM
You can purchase OBD-II bluetooth dongles which allow cell phones and laptops to communicate to the vehicles ECU via bluetooth connection.

This technology can easily be used to alter the vehicles controls and ultimately make it do anything you want (apply throttle, modify braking, lock steering wheel, increase fuel pressure, etc.).

posted on Jul, 22 2015 @ 12:55 PM
a reply to: grey580
I agree it's a back door but for who?
All vehicles and electronics have what's known as built in obsolescence. Now think of the manufacturer finding out (through the up link) that their vehicle is lasting longer than planned. What could they do? Subtly alter the fuel air mixture to wear the engine out quicker? There are a million and one things that they could alter without you knowing that could shorten the vehicles life. Just a thought.
Now talking about the insurance angle is another matter. If they can communicate with the vehicle at all times then when or if you have an accident they go through the data with a fine tooth comb and if your at fault anywhere (and be honest 99% of us have) they nullify your cover. Hey presto, a get out clause that you provided.

posted on Jul, 22 2015 @ 03:41 PM
Weren't there a bunch of investigators, UFO and otherwise, than died in weird car crashes?

top topics


log in