Cars with Vulnerable WIFI Dongle can be Hacked via Bluetooth

Argus researchers hacked into a car’s data transmitter with the help of Bluetooth.

We have already seen a massive growth in the connected-car technology market over the past few years, and it is going to increase further more. But there are underlying threats hanging on the connected-car technology‘s users which if exploited can allow hackers to remotely shut down a targeted car.

These threats were revealed by a cyber security firm Argus on Thursday when the firm demonstrated how a car using Bosch Drivelog Connector OBD-II dongle could be easily victimized with just a Bluetooth connection. The security flaws are present in Drivelog Connect application 1.1.1 and below and Dongle firmware version 4.8.0 to 4.9.2.

What is Dongle?

In case you are wondering what Dongle is, It is a standard device plugged into the ports located under the vehicle dashboard. The dongle, in some countries, is installed by the insurance companies to assist them with the driving patterns of the car, or sometimes it is installed by the car owners themselves if they wish to have in-vehicle WIFI.

The experiment

To show the security flaws, Argus used a device called Drivelog Connect, a device to connect car through a Bluetooth enabling him to review vehicle health, track the mileage and much more. The firm used this device to show what could be done if the hackers can get past the service ID limitation of the security system.

Bosch Drivelog Connector Dongle

Argus wrote in their blog post that in the first vulnerability, the security flaw in the message filter allows an attacker with root privileges on the driver’s phone to send malicious CAN messages outside of the scope a small subset of diagnostic messages (i.e., OBDII PIDs) which can potentially have physical effects on the vehicle.

The second vulnerability amplifies the effect of the first and eliminates the need for a compromised phone.

Although the model of the victimized car has not been disclosed, Argus officials told the media that any car with Bluetooth enabled Drivelog Connector Dongle and a Wifi connection can be easily victimized.

In our research, we were able to turn off the engine of a moving car while within Bluetooth range. As troubling as that is, in a more general sense, since we can use the dongle to inject malicious messages into the CAN bus, we may have been able to manipulate other ECUs on the network. If an attacker were to implement this attack method in the wild, we estimate that he could cause physical effects on most vehicles on the road today.

New And Immature

Ami Shalev, Argus Research team leader, described the current security systems placed in cars as “New and Immature.” “These firewalls are really new and immature in their security measures,” He said.

Although the hack was performed in a controlled environment, Argus researchers believe that the same attack can be conducted on any car. Yaron-Galula Co-founder of Argus told media that “We estimate we can do that on any car.”

The good news

Robert Bosch, the manufacturer of the Drivelog, told media that the temporary measures had been taken to deal with the security threat, and they are currently working on a permanent solution to fix this. Thorsten Kuhles, the head of Bosch’s team, said “A patch that fixes the underlying weaknesses in the encryption protocol will be available shortly. This patch will prevent the kind of attack as described by Argus.”

More:  FBI Offers $3 Million Reward for the Arrest of Russian Hacker

Remember, after the discovery of Mirai malware; IoT devices have become more vulnerable than ever. Therefore, car manufacturers like Tesla and some other big names have already started working on the security flaws!