Just when you thought it was safe to go out on the road, automotive cybersecurity researchers Charlie Miller and Chris Valasek have a whole new arsenal of attacks against the same 2014 Jeep Cherokee they hacked last year.
One year ago Chrysler announced a recall for 1.4 million Jeeps and other vehicles after the twodemonstrated that they could remotely hijack connected car systems. They were able to remotely take control of the Jeep’s air-conditioning system, radio and windshield wipers, using the mobile phone network and the car’s internal 4G connection. They demonstrated this to an unaware journalist at 70 MPH as well. And even uploaded a picture of themselves to the affected car’s dash display, just to ratchet up the poor guy’s terror.
Using the mobile network improves reach, but requires specialized know-how and equipment. "We took over the infotainment system and from there reprogrammed certain pieces of the vehicle so we could send control commands," Valasek said at the time. "It takes a lot of time, skill and money. That isn't to say that there aren't large organizations interested in it."
But that was 2015. Jeep fixed the problem, recalling vehicles in two waves and launching a bug bounty program. Everything’s good, right? Well….no.
Full Article. Jeep hackers demonstrate new, terrifying compromises
One year ago Chrysler announced a recall for 1.4 million Jeeps and other vehicles after the twodemonstrated that they could remotely hijack connected car systems. They were able to remotely take control of the Jeep’s air-conditioning system, radio and windshield wipers, using the mobile phone network and the car’s internal 4G connection. They demonstrated this to an unaware journalist at 70 MPH as well. And even uploaded a picture of themselves to the affected car’s dash display, just to ratchet up the poor guy’s terror.
Using the mobile network improves reach, but requires specialized know-how and equipment. "We took over the infotainment system and from there reprogrammed certain pieces of the vehicle so we could send control commands," Valasek said at the time. "It takes a lot of time, skill and money. That isn't to say that there aren't large organizations interested in it."
But that was 2015. Jeep fixed the problem, recalling vehicles in two waves and launching a bug bounty program. Everything’s good, right? Well….no.
Full Article. Jeep hackers demonstrate new, terrifying compromises
