Scientists have now warned that it”s not just your computer that”s at risk of malware—dodgy MP3s can now take over your car.
Last year, a team of researchers at the US Center for Automotive Embedded Systems Security revealed how automobile computer systems could be hacked via the On-Board Diagnostics (OBD-II) port, an access point typically used by engineers to download data on the vehicle”s health, reports New Scientists.
Through this, they were able to hijack the car, allowing the researchers to disable the brakes, turn the engine on and off, and control electrical systems such as the odometer, lights, climate control, radio and locks.
Building on this, a team of security experts from the University of California, San Diego, and the University of Washington, led by Stefan Savage, have now identified a variety of weak points through which hackers can gain access to a vehicle”s computer systems remotely.
In one example, cellphone hardware installed in luxury cars was attacked, allowing the team to inject malicious code into the car”s electronic controls.
In theory, hackers could then sell the car to a thief, giving them its location and unlocking it remotely.
The team also managed to take control of the car using a Trojan app on a phone that used an Android operating system and had been paired with the car”s Bluetooth system.
Another weak point identified was the stereo system, often integrated into other electronic systems such as climate control and GPS.
The researchers were able to show that software embedded in an MP3 file could install itself into the car”s firmware, enabling similar exploits to those above. If the car had a self-parking system, it could in theory be driven away by the hacker.
The research was presented to the National Academy of Sciences Committee on Electronic Vehicle Controls and Unintended Acceleration.