Posts Tagged ‘Tracking’

Hundreds of thousands of engine immobilisers hackable over the net

Homer Simpson driving

Kiwi hacker finds brutal holes in location, tracking units

Kiwicon Kiwi hacker Lachlan Temple has found holes in a popular cheap car tracking and immobilisation gadget that can allow remote attackers to locate, eavesdrop, and in some cases cut the fuel intake to hundreds of thousands of vehicles, some while in motion.

The gadgets are rebranded white box units from Chinese concern ThinkRace that allow users to attach to their cars to enable remote tracking, engine immobilisation, microphone recording, geo-fencing, and location tracking over a web interface.

In Australia the units badged as “Response” sell for about A$150 at electronics chain JayCar or through some mechanics who offer to install the devices.

One of the unit’s relay leads is commonly attached to car fuel pumps as a means to remotely-immobilise stolen vehicles.

But session cookie vulnerabilities turn that function – in the worst case scenario – into a means to shut off fuel supply to cars while in motion over the internet.

Read More by Darren Pauli

Social Media Links
Latest Tweets
Archives

Social Widgets powered by AB-WebLog.com.