HomeSecurity OperationsHacker Identifies Data Vulnerability in Subaru Starlink Allowing Unauthorized Remote Control by...

Hacker Identifies Data Vulnerability in Subaru Starlink Allowing Unauthorized Remote Control by Third Parties

Published on

spot_img

In a shocking revelation, security researcher and ethical hacker Sam Curry has brought to light a major cybersecurity risk in Subaru vehicles. According to reports from The Street, Curry discovered a vulnerability that could potentially allow hackers to access sensitive data on Subaru owners and even take control of certain vehicle functions.

The flaw was uncovered by Curry and a colleague, who were able to exploit a gap in Subaru’s Starlink system, which powers various features in the vehicle such as infotainment and safety functions. Through this vulnerability, they were able to gain administrative access to the system, giving them the ability to access data from nearly every Subaru vehicle in the U.S., Canada, and Japan that is equipped with Starlink.

With just the Subaru owner’s full name, address, license plate number, or VIN, hackers could track the location of the vehicle for up to a year. Additionally, Curry found that they could remotely control functions in the MySubaru app, such as locking, unlocking, starting up, and shutting down the vehicle.

To demonstrate the severity of the issue, Curry conducted a test on a friend’s Subaru. With just the license plate number, he was able to gain authorized user status and manipulate the vehicle’s functions without the owner receiving any notification. This raises serious concerns about the potential for unauthorized access and control over Subaru vehicles.

Although Curry notified Subaru of the vulnerability in November 2024 and the issue was promptly patched, a Subaru of America representative downplayed the severity of the situation. The representative claimed that Curry and his associate had received permission from their friends and family to access their information, and no actual customer accounts were compromised.

Despite this response, Curry warned that similar vulnerabilities may exist in other automakers’ systems as well. He mentioned Acura, Honda, Ferrari, Hyundai, Kia, and Toyota as examples of manufacturers that may have similar data security risks in their vehicles.

The discovery of this cybersecurity risk in Subaru vehicles highlights the importance of ongoing vigilance and proactive measures to safeguard sensitive data and vehicle functions. As technology becomes increasingly integrated into modern vehicles, it is crucial for automakers to prioritize cybersecurity and take immediate action to address any vulnerabilities that could be exploited by hackers. Consumers must also stay informed and aware of potential risks to protect themselves and their vehicles from cyber threats.

Source link

Latest articles

Data breach at Vorwerk: Hackers steal Thermomix user data

In a recent cybersecurity breach, hackers have managed to gain access to user data...

Behavioral Analytics in Cybersecurity: Identifying the Primary Beneficiaries

In the realm of cybersecurity, the cost of a data breach hit a new...

Britain Reportedly Requests Apple to Create Backdoor

In a shocking turn of events, the British government has reportedly issued a secret...

Vorwerk Data Breach: Hackers Steal Thermomix User Data

Hacker haben sich Zugriff auf Thermomix-Nutzerdaten verschafft Ein kürzlich aufgetretener Datenskandal hat Thermomix-Nutzer auf der...

More like this

Data breach at Vorwerk: Hackers steal Thermomix user data

In a recent cybersecurity breach, hackers have managed to gain access to user data...

Behavioral Analytics in Cybersecurity: Identifying the Primary Beneficiaries

In the realm of cybersecurity, the cost of a data breach hit a new...

Britain Reportedly Requests Apple to Create Backdoor

In a shocking turn of events, the British government has reportedly issued a secret...