'Unhackable' smart car alarms could have been hacked by car thieves

  • An investigation has revealed that many smart car alarms can be hacked, in some cases allowing an attacker to unlock the car and start the engine.

    Back in January, we reported that several major brands of Keyless cars were falling victim to a form of electronic theft in which the thief could trick the car into thinking the keys were right next to it. Now it appears that it's not just keyless cars that are at risk but also cars with smart alarms controlled through a smartphone app.

    Several major brands of smart car alarm system were recently put to the test by cyber-security consultants Pen Test Partners, who found that they were vulnerable to attack. The consultants were successful in circumventing the security in popular alarm control apps by firms Pandora, Clifford, and Viper.

    Pandora had previously claimed that its technology was 'unhackable' in marketing releases, but Pen Test Partners discovered that the app had a password flaw that could expose access to the account. Attackers with access could not only activate or disable the car's alarm remotely but also track the car's GPS, unlock the car, and start the engine without a key.

    Clifford (also known as Viper in the US) had a similar security flaw that allowed any legitimate user to reset the password on someone else's account. Both companies have confirmed that they have now fixed the highlighted security flaws, but it has highlighted the need for tech firms to think more about the security of their products.

    Source: BBC

    About the author

    Brendan is a Sync NI writer with a special interest in the gaming sector, programming, emerging technology, and physics. To connect with Brendan, feel free to send him an email or follow him on Twitter.

    Got a news-related tip you’d like to see covered on Sync NI? Email the editorial team for our consideration.

Share this story