Dodge Viper's Smartstart service also vulnerable

Aug 15, 2015 05:15 GMT
OwnStar Wi-Fi attack can grab user credentials from BMW, Mercedes, Chrysler, and Dodge Viper cars

Last month, security researcher Samy Kamkar revealed OwnStar, a hacking kit for breaking into GM's OnStar car management service by intercepting communications between the driver's OnStar RemoteLink phone app and the OnStar servers.

The attack worked despite the presence of an SSL encrypted connection and allowed Mr. Kamkar to take control over various car features, like its door lock management system, engine start function, and so on.

Soon after it was uncovered, GM issued patches for its OnStar RemoteLink iOS app, improving the security level and rendering the hack useless.

Four more car manufacturers are now vulnerable

Now, at the DEF CON 23 security conference in Las Vegas, Mr. Kamkar has revealed a new version of his exploit kit, which now works with BMW Remote, Mercedes-Benz mbrace, Chrysler's Uconnect, and Dodge Viper’s Smartstart services.

The OwnStar kit works like the previous iteration, using a custom hardware setup that needs to be attached to the car in question and that creates a fake Wi-Fi zone around the vehicle, fooling the driver into connecting to it.

While the driver is connected and trying to use the car management service via its iOS mobile app, the OwnStar kit intercepts the communications via a simple MitM (Man-in-the-Middle) attack.

A copy of the intercepted data is sent to the attacker, who can decrypt it and use the user's credentials to connect to the hacked car via the same mobile car management app the driver is using.

Intrusions are very hard to detect

For the car and the car manufacturer's servers, everything will look in order since proper user credentials are provided.

Except for Viper's Smartstart, the car management services provided by BMW, Mercedes, and Chrysler will allow an attacker to start the car's engine.

According to WIRED, all car manufacturers have been informed of their vulnerabilities, and Mr. Kamkar has refrained from releasing the updated source code for his OwnStar kit.

Below is a video presentation of the original OwnStar hack.