CD players, Bluetooth vulnerable to vehicle hackers: report

Researchers from the University of California and the University of Washington spent two years finding security flaws in the electric systems of late-model vehicles and developed numerous systems to hack the cars to various degrees.

The hack with perhaps the most wide-ranging application was one that added extra code to an audio file that aimed to turn a CD into a Trojan horse.

The idea is that people download the infected files from file-sharing networks and play them through their car stereos. The songs play as normal, going completely undetected, and at the same time have the potential to turn off the engine, disconnect the brakes and lock the doors, among other things.

The researchers said in the future there could be the potential for thieves to hack into a vehicle’s electric systems, unlock the doors and send GPS coordinates and VIN details digitally without physically approaching the vehicle.

A significant deterrent from hacking the technology systems of modern vehicles, however, is their complexity. Not only do the systems differ greatly from one manufacturer to another, but there are also sizable differences in the coding of electronic control units between models and production years.

The researchers suggested the amount of expertise, time, resources and money needed to hack individual software packages is likely to discourage most modern-day thieves.

That said, the manufacturers of the vehicles hacked by the university study teams were reportedly very open to the research and have been working proactively to improve the security of their vehicles.