Subj : Skoda security flaws could let hackers remotely track cars
To   : All
From : TechnologyDaily
Date : Fri Dec 13 2024 11:30:05

Skoda security flaws could let hackers remotely track cars

Date:
Fri, 13 Dec 2024 11:14:26 +0000

Description:
Black Hat event shines a light on some serious Skoda security vulnerabilities.

FULL STORY
======================================================================Security
 flaws were found affecting Skoda Superb III cars Over 1.4 million cars could 
be affected The same model car was found to have similar vulnerabilities last 
year 

Experts have revealed a discovery of 12 new security vulnerabilities 
affecting the Skoda Superb III sedan, including flaws which could allow a 
threat actor to access the vehicle's GPS and speed information, as well as 
remotely record conversations and access the infotainment screen. 

Cybersecurity researchers from PCAutomotive revealed they were able to 
exploit the vulnerabilities to inject malware into the vehicle without 
authentication. The security flaws allowed them to to achieve unrestricted 
code execution and to run malicious code when the unit starts. 

In turn, a malicious actor could have taken screenshots of the in-car 
infotainment screen, or recorded conversations through the microphone - and 
access live GPS coordinates. This was achieved through a Bluetooth connection 
with the system, so researchers could not access safety-critical controls 
like brakes, steering, or accelerators. Deja Vu 

If this sounds a little familiar, that's because the group who discovered the 
vulnerabilities, PCAutomative, were also responsible for the discovery of 
nine other security flaws which affected the same model of car in November 
2023 - also affecting the cars infotainment unit. 

The most recent Skoda vulnerabilities could affect over 1.4 million vehicles, 
and could affect an even higher number of people if their data was not 
properly erased before they sold their car on to a second-hand buyer. 

Although its not difficult to imagine how this could be used to exploit 
victims in a normal setting, it's even more worrying when you find out that 
Skoda is a huge supplier for law enforcement vehicles across the globe. 

Another manufacturer which supplies police vehicles, Kia, was found earlier 
this year to have a software flaw that meant hackers could unlock and start 
any Kia vehicle built after 2013, and could have had similarly wide-reaching 
consequences. 

Via TechCrunch You might also like Take a look at our pick of the best 
malware removal software around Microsoft announces its own Black Hat-like 
hacking event with big rewards for AI security Check out our choice of best 
antivirus software



======================================================================
Link to news story:
https://www.techradar.com/pro/security/skoda-security-flaws-could-let-hackers-
remotely-track-cars


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.