Car hacking just got a lot scarier thanks to Samy Kamkar, a Los Angeles-based security researcher and hardware hacker who developed a new device called OwnStar that can locate, unlock and remotely start any General Motors (GM) car equipped with OnStar.
The hack relies on an exploit in OnStar’s mobile software communications channel that exposes the vehicle owner’s credentials when communications from the OnStar device are intercepted directly. The device is set to debut at DEF CON, the annual hacking and security convention in Las Vegas.
OwnStar can detect nearby users of the OnStar RemoteLink application on mobile phones and inject packets into the phone’s communication stream, forcing it to spit out additional information on the user’s credentials. Those credentials can then be abused to gain access to the vehicle’s OnStar account and have full ownership over the victim’s OnStar RemoteLink app.
Kamkar explained that the vulnerability lies within the app itself, not the OnStar hardware found in GM vehicles, adding that GM and OnStar are both working to eliminate the flaw. At this time, GM customers who use OnStar can protect themselves against the vulnerability by not using the RemoteLink app.
Details are scarce as Kamkar is set to present the hack live at DEF CON 23.
OnStar has had issues in the past, specifically in 2012, when the company pulled its API after Volt enthusiast Mike Rosack reverse-engineered the OnStar interface to get at RemoteLink data on Chevy Volt energy efficiency. The company shut down the API shortly after, as Rosack was able to pull drivers’ data from OnStar’s private cloud and store it on his Volt server.
“After a user opens the RemoteLink mobile app on their phone near my OwnStar device, OwnStar intercepts the communications and sends specially crafted packets to the mobile device to acquire additional credentials then notifies me, the attacker, about the vehicle that I indefinitely have access to, including its location, make, and model,” Kamkar explained in his video demonstrating OwnStar.
“If you’re a user of OnStar RemoteLink, I have good news: fortunately the issue lies within the mobile software and is not a problem with the vehicles themselves,” Kamkar said. Both GM and OnStar are working directly with him to fix the security issue.
The OwnStar attack comes just a week after security researchers Charlie Miller and Chris Valasek revealed critical vulnerabilities in several million Chrysler vehicles, allowing them to be hacked remotely, disabling the gas, brakes and steering, leading to the recall of some 1.4 million Chrysler vehicles.