Car safety: Kia Challenge and Hyundai Key found on the web

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,566
Content source
https://borncity.com/win/2022/08/15/pkw-sicherheit-kia-challenge-und-hyundai-key-im-web/
Software security in cars – a hot topic. On platforms such as TikTok, a trend known as the Kia Challenge or Kia Boys is celebrating a happy new era – the aim is to steal vehicles from Kia or Hyundai using a USB stick. And I came across the next sloppiness: A blogger searching the web found the private keys for software
Click to expand...
Kia Challenge, stole a car
In the US, police got on the trail of a strange occurrence: in St. Petersburg in Florida, 56 cars were stolen in July, according to this tweet. 23 of them belonged to the brands Kia and Hyundai. 41 percent of car thefts to two brands belonging to the same group? In Milwaukee, it was as high as 66 percent, as you can read here.

Apparently, the current Kias can be broken into through the rear window without setting off an alarm. After that, the thieves, who are usually underage, simply break into the vehicle using a USB cable, which is plugged into a socket in the steering column after the trim has been torn off, and go on joyrides. These are then filmed and shared on platforms such as YouTube and Tiktok.
Click to expand...
Private key from Hyunday found on the Internet
Access to the vehicle software of passenger cars, e.g. for updates, is protected by a digital signature to prevent unauthorized persons from tampering. The private key for signing is kept well protected by the manufacturers – no one can get at it. Because anyone who has the private key can sign software with the public key. A password provides maximum protection against misuse.

One software developer bought a 2021 Hyundai Ioniq SE in the summer of 2021, a fuel-efficient hybrid vehicle with features like wireless Android Auto/Apple CarPlay, wireless phone charging, heated seats and a sunroof. As interested developers should, he began playing and experimenting with the infotainment system. In this blog post, he describes how he was able to crack the firmware of the infotainment system. In the process, he also came across a private key in files he had downloaded from the Internet (from this Hyundai MOBIS open source site), and was able to extract by brute-force cracked password.
Click to expand...
borncity.com

Car safety: Kia Challenge and Hyundai Key found on the web

[German]Software security in cars - a hot topic. On platforms such as TikTok, a trend known as the Kia Challenge or Kia Boys is celebrating a happy new era - the aim is to steal vehicles from Kia or Hyundai using a USB stick. And I came across the next sloppiness: A blogger searching the web found t
borncity.com
 
  • +Reputation
  • Wow
  • Like
Reactions: Venustus, Sorrento, show-Zi and 3 others
show-Zi

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
www.thedrive.com

I Tried the Honda Key Fob Hack on My Own Car. It Totally Worked

Security researchers have found a vulnerability in many new Honda vehicles that allows someone to unlock or start the cars without the keys.
www.thedrive.com www.thedrive.com

Comfort and convenience include vulnerability. Even if it's a bit cumbersome, I think the old-fashioned way of turning the key to lock and start is more reliable.
 
  • Like
  • Applause
  • Sad
Reactions: Venustus, plat, Sorrento and 2 others
You must log in or register to reply here.

Similar threads

Ink
    • Like
    • +Reputation
Free Anti-Theft firmware update for 8M Hyundai and Kia cars
Replies
0
Views
341
News Archive
Ink
Ink
silversurfer
    • Like
    • Wow
Hyundai and Kia recall nearly 20,000 Ioniq 5s, EV6s
Replies
1
Views
609
News Archive
AYIZEB
AYIZEB
Gandalf_The_Grey
    • Like
    • +Reputation
    • Thanks
Toyota, Mercedes, BMW API flaws exposed owners’ personal info
Replies
3
Views
842
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top