Hackers revealed serious weaknesses in Subaru’s Starlink Infotainment System, which enables remote vehicle control and sensitive location data access to data
A pair of hackers, Sam Curry and Shubam Shah, Is exposed By enduring security weaknesses within Subaru’s Starlink-Kenocated Infotainment system, it enables them to take control of a Subaru Impreza remotely. The pair achieved unauthorized access to the vehicle through a compromised web portal associated with Subaru, which allowed them to unlock the car, give a sound to the horn, and to start ignition using any smartphone or computer.
Curry explained on her ways in a video and blog post, revealing that he simply resettes the password of a Subaru employee’s account, using location data reserves for more than a year. Hackers stated that this data included accurate records of vehicle movements, under specific parking sites. Subaru accepted the violation and said that it has since pledged vulnerability, emphasizing the need to collect location data to assist emergency and vehicle recovery.
However, the Hacking community curry and experts argue that motor vehicle manufacturers have little justification for collecting broad historical location data. They warns that the weaknesses they exploit are not exclusive to Subaru, similar flaws claim that Acura, Honda, Hyundai, Toyota, and more are present in the systems of brands like more.
Meanwhile, cyber security concerns are not limited to Subaru. Kaspersky’s security researchers have recently identified 13 important weaknesses within Mercedes-Benz’s Mbux Infotainment system, which is able to steal data and disable anti-theft security to hackers if they can physically access the vehicle. Although Mercedes-Benz replied that it had patched these weaknesses since 2022, there are concerns about the security risks generated by modern connected vehicles.
The increasing consent between cyber security experts is clear: modern automobiles give rise to significant privacy and safety hazards. A recent Mozilla report emphasized that many cars are “a privacy nightmare”, which collect excessive data without consent from users and increase the alarm about the ability to exploit these vehicles for hackers.
Thanks for reading..
