GM's OnStar Also Had a Hacking Vulnerability
One hacker claims he has a device that can take over any GM vehicle equipped with OnStar.
Samy Kamkar calls his device OwnStar and built it for around $100 and allows the hacker to lock, unlock and start the car. Unlike the recent Jeep Cherokee and Uconnect hack, which was done wirelessly and remotely, OwnStar must be placed on the vehicle it wants to hack and requires the driver to open the OnStar app within WiFi range of the device. Only then is the device capable of gaining access to the car.
Kamkar created a video detailing how the device functions and plans to explain more in depth at the major security conference Defcon next week.
SEE ALSO: Jeep Cherokee, Uconnect Vulnerable to Wireless Hacking
Essentially, the security flaw lies in the mobile software and OwnStar is capable of intercepting communication after the OnStar user opens the app. General Motors has already responded saying that the potential vulnerability has already been fixed and that no additional action is required by customers.
You can learn more about OwnStar by watching Kamkar’s demo of the device in a video below.
Get the Flash Player to see this player.
[Source: Tech Insider]
Discuss this story at our General Motors Forum
Jason Siu began his career in automotive journalism in 2003 with Modified Magazine, a property previously held by VerticalScope. As the West Coast Editor, he played a pivotal role while also extending his expertise to Modified Luxury & Exotics and Modified Mustangs. Beyond his editorial work, Jason authored two notable Cartech books. His tenure at AutoGuide.com saw him immersed in the daily news cycle, yet his passion for hands-on evaluation led him to focus on testing and product reviews, offering well-rounded recommendations to AutoGuide readers. Currently, as the Content Director for VerticalScope, Jason spearheads the content strategy for an array of online publications, a role that has him at the helm of ensuring quality and consistency across the board.
More by Jason Siu
Comments
Join the conversation