OnStar OwnStar Hack-in-the-Box hijacks & media hijinks for Def Con

OwnstarAfter the Jeep Cherokee hack last week, in time for the Def Con Hacking Conference, this week’s publicity exploit comes from Samy Kamkar with his OwnStar Hack-in-a-Box that hacked into the OnStar RemoteLink software on smartphones. It’s not surprising the amount of car hacking news stories recently, because this year, Def Con will have “Car Hacking Village.”

Kamkar’s device interrupts the OnStar RemoteLink signals. After it intercepts communication, he can perform remote functions in the RemoteLink app by locating the car and then physically going near the car and unlocking it.

When a RemoteLink app user is near the “Hack-in-the-Box” device, it acts as a known Wi-Fi connection then connects to the user’s phone. It connects through Wi-Fi as a disguised Wi-Fi network such ase “attwifi” and other popular open networks.

This problem may not be a vulnerability in the OnStar software but with Android smartphones or iPhones. The user has to launch RemoteLink app while the smartphone is near the box. The user name and password are stolen from the app.

The hack only interrupts the OnStar RemoteLink app, and does not hack into the OnStar vehicle itself.

The hack could not cause asphyxiation from car exhaust, if the car is running in a garage with someone in the garage. The app only remotely starts the car and runs it for a ten minutes, we learned when we tested the app with a Chevy Volt.

Even if someone accidentally opened the car door by mistake, they couldn’t take the car.

“If you use the RemoteLink app to unlock doors or remote start an engine, a key is still required to unlock the steering column, put the transmission in gear, or turn on the full interior electronics,” says OnStar spokesman Stuart Fowle.

Kamkar likes to get publicity. He has his own YouTube Channel and used a texting toy from Mattel IM-ME to make OpenSesame to break into electronic garage doors. This Hack-in-the-Box uses a Raspberry Pi.

Def Con’s Car Hacking Village features interface tools for hackers to control vehicle electronic control systems. GM announced, yesterday that there have been one billion OnStar connections. We can’t tell if the hacked connections were part of the count.



1 thought on “OnStar OwnStar Hack-in-the-Box hijacks & media hijinks for Def Con”

  1. Unfair to bash on GM! Its one year old news. Its very easy to do, $50 software, impersonate a public WiFi and act man in the middle. All connected car apps tried on friends and family have this 101 security flaw together with lots of Internet connected home devices. I personally did this on my car, garage door en thermostat. After recording an attacker have all data needed and garage is more severe. Recommendation, do not use any of the mobile apps on a public WiFi!

Comments are closed.