Brokenwire Hack’s Disruption of Charging of Electric VehiclesApril 4, 2022
Researchers from the University of Oxford and Armasuisse Science and Technology (S+T) discovered an attack method that would work against the Combined Charging System (CCS) and disrupt the ability of electric vehicles to charge at scale.
Charging Port Opener AttackMarch 27, 2022
A hacker who goes by the name NotPike on Twitter revealed how they were able to conduct a replay attack on Tesla’s charging ports. This was because the ports use 315 MHz as their standard signal to open ports, which can be replayed to open charging ports.
Vulnerability in Remote Keyless SystemsMarch 24, 2022
Ayyappan Rajesh submitted a proof of concept for CVE-2022-27254 and showed how the keyless systems of different Honda vehicles send the same unencrypted radio frequency (RF) signal for commands like opening a car door and starting the engine remotely. This could allow threat actors to conduct a replay attack.
Cuba Ransomware’s Attack on Automotive Parts ManufacturerMarch 19, 2022
The Cuba ransomware group, known for targeting critical infrastructures, claimed to have gone after Hyundai’s automotive parts manufacturer, Hyundai Powertech.
Rook Ransomware’s Attack on Automotive Parts CompanyMarch 13, 2022
Various reports show how cybercriminals have been targeting suppliers for major car manufacturers like Toyota. For example, the Rook ransomware group announced that it had attacked Denso, one of the largest automotive parts suppliers in Japan.
LockBit Ransomware’s Attack on Tire Manufacturing CompanyFebruary 27, 2022
Bridgestone, one of the largest and best-known tire manufacturing corporations in the US, confirmed its having been hit with the LockBit ransomware. The LockBit ransomware gang took credit for the attack and threatened to publish Bridgestone data.
Freezing of Infotainment Systems via Radio SignalFebruary 26, 2022
A signal from a local NPR station bricked the infotainment systems of certain Mazda vehicles manufactured from 2014 to 2017. The signal turned out to be image files sent by the station on its HD radio stream, which the systems were unable to process.
Ransomware Attack on Automotive Manufacturing CompanyFebruary 26, 2022
Toyota’s partner and manufacturer of interior and exterior automotive components, Kojima Industries, was reportedly targeted by a ransomware campaign. Toyota had to shut down operations on 14 of its plants in Japan because of the attack.
Remote Attack Through a BugJanuary 13, 2022
David Colombo, a young hacker and security researcher, successfully interacted with more than 25 Tesla vehicles in 13 different countries. Through a bug, he was able to access a great deal of information about these vehicles and even run remote commands.
Log4j Vulnerabilities in Connected Cars and Charging StationsDecember 23, 2021
In his report, Sébastien Dudek looked into the possibility of attackers using the Log4j vulnerabilities in the automotive world, specifically to gain access to devices used in cars and car chargers.
Connected Car Vulnerabilities Affecting the CAN StandardAugust 16, 2017
Andrea Palanca, Eric Evenchick, Federico Maggi, and Stefano Zanero tested a vendor-neutral attack that could target connected cars and abuse CAN (Controller Area Network), the network protocol that connects all in-vehicle equipment and systems and allows them to communicate.
Ransomware-Like Attack on a Connected CarOctober 1, 2016
Kenney Lu and Spencer Hsieh wanted to see if it was possible to hold a car for ransom. By targeting the in-vehicle infotainment (IVI) system, they were able to simulate a ransomware-like scenario, where a fake update eventually led to the vehicle’s being compromised.