Fiat Chrysler isn't the only automaker facing a hacking problem. A new report from Reuters indicates a research has found a way into products from General Motors by way of the company's OnStar RemoteLink mobile app.
Samy Kamkar, a so-called "white hat" hacker (i.e. the good kind of hacker), demonstrated the exploit using something called OwnStar. In a video released on YouTube, Kamkar uses OwnStar to intercept the communication from a nearby phone running RemoteLink to a Chevrolet Volt, sending specialized data packets to the phone and gaining vehicle access "indefinitely." In the real world, that could allow some potentially nefarious individual access to a vehicle's locks, GPS data, and the ability to start and stop the engine. The good news, as Kamkar says, is that the issue lies with the app, and not the actual vehicle.
"We believe the chances of replicating this demonstration in the real world are unlikely. In addition, the action involves one user at a time, and would impact only that specific user's account," spokesman Terrence Rhadigan told Reuters.
You can see Kamkar take advantage of the exploit using OwnStar in the video below.
Continued testing identified further action necessary on the Apple iOS version of RemoteLink app itself. That step has now been taken and an update is now available via Apple's App Store. Impacted customers will receive a communication from OnStar today and the previous version of the app will be decommissioned following that communication to ensure customer security. No additional action is required for Android, Windows Phone and Blackberry users.