Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Transportation

Flaw In Kia's Web Portal Let Researchers Track, Hack Cars (arstechnica.com) 16

SpzToid shares a report: Today, a group of independent security researchers revealed that they'd found a flaw in a web portal operated by the carmaker Kia that let the researchers reassign control of the Internet-connected features of most modern Kia vehicles -- dozens of models representing millions of cars on the road -- from the smartphone of a car's owner to the hackers' own phone or computer. By exploiting that vulnerability and building their own custom app to send commands to target cars, they were able to scan virtually any Internet-connected Kia vehicle's license plate and within seconds gain the ability to track that car's location, unlock the car, honk its horn, or start its ignition at will.

After the researchers alerted Kia to the problem in June, Kia appears to have fixed the vulnerability in its web portal, though it told WIRED at the time that it was still investigating the group's findings and hasn't responded to WIRED's emails since then. But Kia's patch is far from the end of the car industry's web-based security problems, the researchers say. The web bug they used to hack Kias is, in fact, the second of its kind that they've reported to the Hyundai-owned company; they found a similar technique for hijacking Kias' digital systems last year. And those bugs are just two among a slew of similar web-based vulnerabilities they've discovered within the last two years that have affected cars sold by Acura, Genesis, Honda, Hyundai, Infiniti, Toyota, and more.

This discussion has been archived. No new comments can be posted.

Flaw In Kia's Web Portal Let Researchers Track, Hack Cars

Comments Filter:
  • by Joe_Dragon ( 2206452 ) on Friday September 27, 2024 @03:19PM (#64822541)

    cars will be locked down so that an dealer code is need to do
    oil change
    tire change
    light change
    ---
    any repair that needs parts changed
    any service at X time or Y miles

  • Kia... the gift that keeps on giving.
    • You know, 15-20 years ago, I actually liked them (or Hyundai at least). I wonder what happened inside to give the results that we see.

      But as far as the "smartphone on wheels" thing, that particular problem is afflicting every manufacturer. Has me considering getting a motorcycle license, or a kit car. Anything but buying the crap that's on dealer lots.

      • by Dusanyu ( 675778 )
        I was in the market for a newer car recently I wound up settling on a 2018 Nissan Versa for the simple reason that I did not have a screen in it tech wise it is stuck in the late 00s
        • My girlfriend, referenced in a response to the other guy on this thread, was in the market for a new car because some idiot ran a light and t-boned her 2016 stick shift Versa. It was a good, reliable car. Zero problems for the entire time she owned it. Great mileage, acceptable power, and it let her walk away from a really nasty crash with nothing but a headache and a sore neck.

      • I used to have a 2002 Elantra GT. For the money, it is hands down the best "driver's car" I ever owned. I have to believe somebody who spent many, many hours behind the wheel of a performance car was told to make a list, then they took the budget you'd dedicate to a pair of roller skates and made a car out of it. It was a five speed standard with cruise control (which at the time was unheard of in cars in its price range). The seats were cheap, but really comfortable. Every control was placed so that a

        • I had an 08 Elantra sedan for years. The performance seemed great for an automatic that got 32+ mpg. I would complain about the steering, they had just started with the electronic steering and it felt like Gran Turismo. But the reliability was great and I intended on probably getting the GT for my next vehicle. I've heard good things about the Tiburon and even Accent hatch from the early 2000s as well.

          But as far as getting a "Kona" that can be hijacked over Bluetooth, or with a toothpick, that doesn't appea

          • I'm with you on that 100%. The only comfort I can offer is that some manufacturers seem dedicated to keeping at least some "old school" models. Right now, Suburu and Mazda seem to be leading the pack in this regard. My girlfriend recently road tested a standard transmission Mazda with me along for the ride. It was a good, solid little car, missing all the garbage you and I found problematic. She eventually settled on a slightly older Toyota Corolla (stick) that had none of it. She's hoping it will las

  • At first I thought, ah cool a car hardware hack. Nope, they mucked with the API to do certain (limited) stuff.
  • Whole new meaning to "I wanna see ya in a Kia"!
  • by rossdee ( 243626 ) on Friday September 27, 2024 @04:46PM (#64822763)

    it was probably stolen already

    • by alvinrod ( 889928 ) on Friday September 27, 2024 @05:53PM (#64822881)
      With the advent of autonomous self-driving vehicles, some have proposed that people don't need to own their own vehicle as they could just order a ride and be serviced by any one of the public vehicles that are in the area at the time. Kia is just ahead of the pack when it comes to community owned vehicles.
  • by PPH ( 736903 ) on Friday September 27, 2024 @05:40PM (#64822863)

    Evidently that didn't stop these from being the 'most stolen and used in subsequent crimes' vehicles.

    They needed a "Find my Kia" utility.

You know you've landed gear-up when it takes full power to taxi.

Working...