Researchers demonstrated how disable the airbags on a Audi TT (and others models) and other functions by exploiting a zero-day flaw in third-party software.
Lately, many researchers proved that car manufacturers haven’t addressed security vulnerabilities in modern vehicles properly and use of lots of embedded controllers and providing different external interfaces made it possible to hack and take control of automobile’s core systems.
Once again, a group of three researchers, András Szijj, and Levente Buttyán of CrySyS Lab and Zsolt Szalay of Budapest University of Technology and Economics cooperatively managed to disable airbags in an Audi TT.
The Researchers said that in comparison to the remote hacking of Jeep car, this attack is less severe and less capable threat. They use a zero-day vulnerability in commonly-used diagnostic software that is compatible with cars sold by the Volkswagen. Buttyán emphasized that this flaw “has nothing to do with VW itself” and relates to third-party software only.
Taking control of the vulnerable software means that the attacker is able to switch on or off all the functionalities that the software has been designed to control and check. This flaw enables attackers to falsify the information generated by the car.
Audi TT was the platform to demonstrate this attack and these experiments were carried out during spring 2015. To make the exploit work, mechanic’s computer must be compromised firstly or a malicious USB device to be plugged into the vehicle. The proof-of-concept implementation allows for Man-in-the-Middle attacks between the application and the car (in this case an Audi TT).
This demonstration shows that a Stuxnet-style attack is easy to implement in practice against cars by minimal modification of a diagnostic application. Furthermore, the situation could get worse and more dangerous if hackers could inject a backdoor by updating a car’s embedded control unit firmware via the OBD2 port. This backdoor could be triggered while the car is in motion.
Stephen Checkoway published a research paper in 2011, titled “Comprehensive Experimental Analyses of Automotive Attack Surfaces,” and described the possible ways to infect a car through diagnostic equipment. The researchers said that their work is a proof-of-concept for the aforementioned paper. The detailed explanation of the POC is summarized in the following presentation here.
About the Author
Ali Taherian (@ali_taherian) is an enthusiastic information security Officer. He’s finished his education in information security and has recently been involved in banking software and payment security industry. Taherian is proud to be certified IBM Cloud Computing Solution Advisor and ECSA and enjoys sharing and tweeting about security advances and news.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.