Screen capture of Miller (left) Valasek (right) on the screen from Wired's car hacking video.

Screen capture of Miller (left) Valasek (right) on the screen from Wired's car hacking video.

Two hackers successfully took control of a 2014 Jeep Cherokee while it was in motion, according to a report by Wired

Charlie Miller, director of vehicle security research at IOActive, and Chris Valasek, security researcher for Twitter, wirelessly controlled the vehicle's functions by targeting a vulnerability in the vehicle's Uconnect system. 

During the test, the hackers were able to adjust the air-conditioning, windshield wipers, the radio and turn the car off completely. 

Because of Uconnect's similarity to a smartphone, vehicles are even more vulnerable to attacks because the cellular connection let's anyone who knows the car's IP address gain access from anywhere. From there, Miller and Valasek input their own code on a chip in the car's head unit.

Miller and Valasek have not yet identified the vulnerability that allowed them to hack the vehicle's Uconnect. They have shared their research with Chrysler, which has helped the OEM rollout a patch to address the problem. 

Originally posted on Automotive Fleet

0 Comments