GM OnStar car security system gets owned

Posted on Thursday, Jul 30 2015 @ 22:06 CEST by Thomas De Maesschalck
It seems cars are becoming the big new thing for security researchers. Last week there was a huge story about a vulnerability in the Fiat Chrysler Uconnect technology that resulted in the recall of 1.4 million vehicles and now security expert Samy Kamkar discloses a vulnerability in the OnStar communications system from GM. OnStar links your vehicle to your smartphone and offers features like turn-by-turn navigation, hands free calling, remote diagnostics, stolen vehicle tracking, ignition blocks in case of theft, automatic crash response, remote unlocking, etc.

The hacking tool is based on a Raspberry Pi computer and it costs under $100 to assemble. Called the "Ownstar", the kit is able to locate, unlock and remote start any GM vehicle with OnStar RemoteLink. All that is needed is the planting of a cheap, homemade WiFi hotspot device somewhere on the car's body. Once that's done, hackers can intercept communication between the RemoteLink mobile app and the OnStar servers via a man-in-the-middle attack and connect to the car over a 2G cellular connection.
When the driver comes within Wi-Fi range of Kamkar’s $100 contraption, which he’s named “OwnStar” in a reference for the hacker jargon to “own” or control a system, it impersonates a familiar Wi-Fi network to trick the user’s phone into silently connecting. (Modern smartphones constantly probe for known networks, so the trade-paperback-sized box, packed with three radios and a Raspberry Pi computer, can listen for and then impersonate a friendly network, or by default call itself “attwifi” to appear as a common Starbucks connection.) If the user launches their GM RemoteLink Android or iOS app while their phone’s within Wi-fi range and unwittingly connected, OwnStar is designed to exploit a vulnerability in GM’s app to steal the user’s credentials and send that data over a 2G cellular connection to the hacker. “As soon as you’re on my network and you open the app, I’ve taken over,” Kamkar says.
GM is reportedly working on a fix.

Source: Wired

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments