SiriusXM hack unlocks, starts cars

Curry, who works at Yuga Labs, a blockchain-based software development company based in New York, is known in the cybersecurity world for his interest in automotive telematics.

How, in September 2022, a hacker contacted Curry and compromised Uber’s back-end systems, compromising the ride-hailing service’s Amazon- and Google-hosted cloud environment where the company stores source code and customer data. taught me.

The automaker and SiriusXM said no incidents occurred due to potential security breaches.

“Honda was aware of a reported vulnerability related to the SiriusXM Connected Car Service offered to multiple car brands, and according to SiriusXM, it was quickly resolved after they became aware of it.” Honda spokesperson Jessica Fini said in a statement. “Honda has no indication that this now-resolved vulnerability was used maliciously to access connected car services on Honda and Acura vehicles.” have not confirmed.”

In a statement, SiriusXM Connected Vehicle Services said, “This issue was resolved within 24 hours of the report being submitted. No fraudulent accounts were modified by doing so.”

Hyundai spokesman Ira Gabriel said. car news As soon as Curry and his team turned their attention to security issues, the automaker worked with third-party consultants to investigate vulnerabilities.

“Importantly, with the exception of the Hyundai vehicles and accounts owned by the researchers themselves, no other customer’s vehicles or accounts were accessed as a result of the issues raised by the researchers,” Gabriel said. I’m here.

According to Gabriel, hacking a Hyundai required the email address associated with the account, as well as the VIN and script or code used by the hackers.

Nevertheless, Hyundai took steps within days of the notification to further enhance the safety and security of its systems, he said.

Curry said car news He believed that automakers could make smartphone applications more secure through standardization, but they take different approaches when developing their respective applications.

“This is a very complex problem, but I think our research has helped solve some of them. Developing industry standards and standardizing protocols would help.”