The gadget that can hack any CAR: Terrifying £12 tool can remotely control headlights, locks, steering and even brakes
- Gadget is fitted to the Controller Area Network (CAN) of a modern car
- Depending on the make of car, the CAN controls lights, locks and brakes
- Hackers claim it can be fitted to any car's network 'within five minutes'
- CAN Hacking Tool (CHT) runs malicious code into the car's system
- Researchers in the U.S. previously hacked the software in a Toyota Prius
Not content with stealing your personal information, hackers could soon take control of your car - using a homemade gadget that is smaller than an mobile phone.
Called the CAN Hacking Tool (CHT), the device can be fitted to any car's Controller Area Network 'within minutes' and run malicious code through the vehicle's system.
Once hackers take hold of this network they can control lights, locks, steering and even brakes - and the it costs just $20 (£12).
The gadget was created by Spanish security researchers Javier Vazquez Vidal and Alberto Garcia Illera.
It was previously showcased at last year's Black Hat conference in Las Vegas, and now the developers plan to demonstrate the device during the Singapore version of the event in March.
'It can take five minutes or less to hook it up and then walk away,' Vazquez Vidal told Forbes. 'We could then trigger it to do whatever we have programmed it to do.'
Many cars come with built-in software that run on an operating system in a similar way to phones and computers.
The tool has four wires that are attached to the different outputs of a car's controller network.
A $1 computer chip is used to bypass any encryption on the car before reading and writing data from the flash memory of the vehicle's engine control unit.
The gadget is smaller than an iPhone, meaning it sits in the palm of the hacker's hand, and can be controlled remotely.
Hackers can use any command they want to program an action via the CHT, and this includes disabling the brakes, deploying the airbag, locking the doors and enabling the alarm.
The hacking tool is attached to a car's Controller Area Network (CAN). This diagram shows the electronic layout of a typical car and the features controlled by the CAN are shown along the black lines including lights, climate, seats, heating and locks
Engineers from Indiana previously managed to hack the software that runs the electronics in a 2010 Toyota Prius and Ford Escape, pictured, so that the brakes, steering, speedometer and the car's electronics can be controlled remotely using a laptop
Vazquez Vidal and Garcia Illera's gadget is not the first example of hackers exploiting the vulnerability of car systems and software.
Using a laptop wirelessly connected to a car's electronics, Indiana security engineersCharlie Miller and Chris Valasek were able to remotely control the brakes, the accelerator, change the speedometer, switch the headlights on and off, tighten the seatbelts and even blast the horn inside a Toyota Prius and Ford Escape.
Their project was funded by a grant from the U.S Defense Advanced Research Projects Agency to highlight the security risks affecting modern-day cars.
By hacking the network in the two cars, and exploiting Bluetooth bugs, the software became hackable and the researchers said it was possible to send remote code executions from a mobile device.
Remote code executions let people remotely control the car's features.
Using a laptop wirelessly connected to a Toyota Prius' electronics, the engineers Charlie Miller and Chris Valasek were able to remotely control the brakes, the accelerator, change the speedometer, switch the headlights on and off, tighten the seatbelts and even blast the horn
Toyota previously said it 'wasn't impressed' with Miller and Valasek's hack and claimed its systems were robust and secure.
A Ford spokesman said they were taking the hack 'very seriously'.
Researchers from the University of Washington and the University of California, San Diego were the first to publish findings into hacking software in cars in 2010.
Valasek said: 'Academics have shown you can get remote code execution. We showed you can do a lot of crazy things once you’re inside.'
Read more: http://www.dailymail.co.uk/sciencet...ghts-locks-steering-brakes.html#ixzz2sxIWl4R6
