3 Ways Your Car Can Be Hacked by Cyber Criminals

Christian Cawley 24-08-2016

One of the greatest risks to the owners of smart cars is that of cyber criminals: hackers working hard to discover vulnerabilities in the latest cars so that they can hijack, ransom, steal, and perhaps even use as weapons.


Reading press reports would lead you to think that the only cars that hackers can pull off an impressive piece of over-the-air hijacking on are the latest smart cars — internet-connected automobiles — that you’d have to break the bank to afford.

But the truth is that virtually any modern car can be subverted by cyber criminals as long as there is a microprocessor that can be accessed or interfered with remotely. Find this hard to believe? Read on!

1. Bluetooth and Internet Vulnerabilities

Modern smart cars come with Bluetooth built in, at the very least to give you the convenience of hands-free (and therefore safer) calls while you’re driving. More commonly, this feature is used to pipe music from a phone through your car’s audio system. Similarly, mobile internet is being introduced into new cars, turning them into giant smartphones with wheels.

Both of these communication methods offer an avenue for hackers to deliver attacks. The recent story of the Jeep killed remotely on the highway with a Wired journalist in the driving seat was only possible thanks to vulnerabilities in Chrysler’s Uconnect feature, which controls entertainment, navigation, phone calls, and wireless hotspots in hundreds of thousands of vehicles.



Worse still, the cellular connection employed by Uconnect lets anyone who knows the automobile’s IP address to gain access from anywhere in the USA. As Charlie Miller, one of the researchers responsible, observes, “From an attacker’s perspective, it’s a super nice vulnerability.”

The answer here, of course, is to disable Bluetooth (use a cable instead) and avoid cars with mobile internet — which should be fine since a quick check of the history books reveals that cars have managed fine for the past 100 or so years without being connected to a central computer.

Other connected cars have their own vulnerabilities to worry about. For instance, the Mitsubishi Outlander’s alarm can be disabled or even drain the car’s battery.

2. Radio Intercepts Remote Lock Signal

German car giant Volkswagen is not having a good time of it lately. Not only have they been found to have technologically suppressed emissions data, it seems that their cars are susceptible to a number of bugs.


But this time, it’s not new cars that are at risk from cyber attacks. Instead, we’re talking about older cars, from as far back as 1995, that are vulnerable to an attack that can be delivered using simple radio waves.


It’s estimated by security researchers — some of whom were involved in an earlier revelation that VW’s ignition was vulnerable — that the keyless entry systems of almost 100 million cars is susceptible to an attack that remotely unlocks the car.

This is done using an Arduino board Arduino Buying Guide: Which Board Should You Get? There are so many different kinds of Arduino boards out there, you'd be forgiven for being confused. Which should you buy for your project? Let us help, with this Arduino buying guide! Read More and some additional components (up to $40 in value; alternatively, a suitably equipped laptop can be used) to intercept the signal as it is sent by the car’s owner, unlocking the vehicle. The signal is then cloned and used to unlock the target vehicle.


The fix? Lock and unlock your 1995-2016 VW manually, not remotely! Sadly, keyless theft isn’t limited to VW. Thieves targeting vulnerabilities in electronic locks accounts for a massive 42% of car theft in London alone.

3. Zubie and the OBD-II Vulnerability

We’ve looked at OBD-II a couple of times over the years. This is a system that makes it possible to communicate with your car’s computer — the integrated, under-the-bonnet device that controls the electronics, power steering, etc.

You may have seen the technicians at your local repair shop connecting a computer of some sort to a hidden port in the front of your vehicle. This is what they’re using.



Anyone can access this port using a cable or Bluetooth connector, and with suitable software installed on your computer (Windows software is available OBD2 & Windows: Save On Auto Repair With Diagnostic Tools Finding a broken car's fault can be costly. Save by doing it yourself! All you need is a Windows computer, free diagnosis software, and a cable plugged into your car's OBD II connector. Read More ) or mobile device (it’s simple using Android How To Monitor Your Car's Performance With Android Monitoring tons of information about your car is incredibly easy and cheap with your Android device -- learn about it here! Read More ), you can view some interesting fault diagnostic information as well as tune your car.

Unfortunately, however OBD-II has its weaknesses. The Zubie is the most popular way to connect to your car’s OBD-II port, and this included a vulnerability Can Hackers REALLY Take Over Your Car? Read More (now closed) that enabled attackers to spoof the remote Zubie server (where car data was uploaded) and send malicious software to the Zubie, which might then have been used to disable the car or worse.

The key to safety here is to avoid plugging things into your OBD-II slot unless you’re confident that the device, and any related software, is trustworthy.

What Is the Risk to You?

As of this writing, the hacks featured here are almost all in the development stage. For hackers and automobile firmware developers, it’s like the Old West at the moment as boundaries are established and methods of intrusion are tried and tested.

For now, you’re probably safe. Thanks to security researchers, the kinds of holes that lead to these kinds of hacks can be plugged as each generation of smart car is released. It’s unlikely that the majority of the vulnerabilities listed here will be used against you.

However, by the time the self-driving car becomes commonplace, they may already be compromised How Secure Are Internet-Connected, Self Driving Cars? Are self driving cars safe? Could Internet-connected automobiles be used to cause accidents, or even assassinate dissenters? Google hopes not, but a recent experiment shows there is still a long way to go. Read More  and their potential for cutting emissions Study Says Driverless Electric Cars Could Cut Emission by 90% Most experts agree that driverless cars will play a key role in making transportation safer. However, a new study published in Nature Climate Change suggests that self-driving cars will also provide environmental benefits. Read More suddenly becomes an unattractive option if driving becomes a lottery.

But the fact that comparatively old vehicles are at risk of such a simple radio-based hack — one that will immediately relieve you of your much-loved car — will come as a major concern to anyone using a remote lock.

But what do you think? Do you feel as though you’re at risk? Will you stop using your remote unlocking key fob on your VW? Tell us what you think in the comments.

Image Credit: SP-Photo/Shutterstock, Keys (“New Car“) by Caitlin Regan, Jeep – New Ride by Roy

Related topics: Automotive Technology, Hacking, OBD-II.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Roberta B
    October 25, 2019 at 3:23 am

    Hello and thank you for the info! I have been hacked. I have a 2012 Honda CR-V and before this vehicle I had a 2013 Honda Accord EXL.
    With both of the vehicle I have taken them to the dealership due to the hacker problem!!! The dealership thought I was crazy! These are the following this that started happening to me when I was driving the vehicle:
    2013 Honda Accord EXL

    Reverse camera would turn on and off by itself.
    Side camera would come on by itself.
    Blinker light on the dashboard light would come on and off by itself.
    Radio would turn on by itself and the volume
    would either get loud or soft then off again, by itself.
    Electric seats would move forward and then back so I could not reach the gas petal.
    The horn would go off by itself. I could go on and on. When I told my partner what was happening he said I need mental help and who would do something like that to me and when you think about it now it happening to my new vehicle. It’s someone close to me that has had something installed.

    I finally got rid of it and then I got a 2012 Honda CR-V.

    Radio volume would go up and down by itself.

    Windshield wiper would stop and not turn back on when it was raining or they would stop when I came up to a traffic light!

    The reverse camera did not come with yellow lines and on June 28th 2019 yellow lines appeared when I started backing up! The back up camera shut down and when it came back up the yellow lines appeared.
    Doors unlock and relics by itself.
    I can go on but I believe you can understand that I have a hacker problem and I still have the 2012 Honda CR-V and yes I have taken it to the Santa Rosa CA dealership. They stated that my codes have been changed but the are trying to stated that maybe my battery could of disconnect and that could of changed my codes.

    Please let me know where I can get help and get back to living my life again because this is crazy and also very dangerous. I have been in three wrecks do to my gas accelerating by itself.

    Please help! I need to know who can help me correct the hacker problem.

    Do I need to replace the ECU unit, etc??
    Please let me know!!!

    Yours truly,

  2. Kathy
    July 27, 2019 at 4:59 pm

    My car doors are being unlocked just before I get to my car at night or other times I in a area this will not be noticed by others.How do I fix this?

  3. Brady
    March 3, 2019 at 5:10 am

    A hacker has infected my 2012 Honda CRV and also my 2013 Honda Accord EXL! They are able to unlock my vehicles! Turn on and off reverse camera! Speed up my windshield wipers and speed up my vehicle or slow me down! What can I do to put a stop to this craziness???

    I have taken my vehicle to Manly Honda in Santa Rosa and they can help me!!

    What can I do to stop the hacker attack to my vehicle, because it’s already cause two car recks!

    Thank you for your help!!

    • Kathy
      July 27, 2019 at 5:02 pm

      I wish I could help.My car doors are messed with too.

  4. Anonymous
    August 24, 2016 at 5:03 pm

    And people cannot wait for self-driving cars! I bet the hackers are just licking their chops at the opportunities for mischief offered by self-driving cars.

    • 884493
      August 25, 2016 at 10:22 am

      Forget the casual hackers. How about corporate interests and governmental bodies who might decide that a mass pile-up would benefit them.