Hack lets anyone remotely start a GM car, but fix is on the way

Another troubling hack

General Motors hack

It's been a bad week for cars packed with technology. First a car-based hack lead Fiat Chrysler to recall 1.4 million US vehicles and now another activist programmer has shown GM automobiles could also be at risk.

Hacker Samy Kamkar demonstrated how he was able to use a homemade OwnStar kit to locate, unlock and even start a vehicle remotely with ease.

Consisting of a three radios and a Raspberry Pi computer-on-stick, this $100 (about hacker box is designed to intercept commands sent from the car owners OnStar RemoteLink app. After the OwnStar captures this signal, Kamkar can recreate the same digital signature to remotely control a few of the vehicle's functions.

"If I can intercept that communication, I can take full control and behave as the user indefinitely," Kamkar said in an interview with Wired.

The only technical caveat of this hack is the OwnStar needs to be hidden somewhere in the car such as under bumper or on its underside.

Quick action

Given the recent events hacking events with Fiat Chrysler, it's no surprise GM is jumping right on fixing this vulnerability. Kamkar tweeted he is now in contact with the company as they work on a patch to remove the hacking loophole.

Kamkar also plans to release more technical details about the OwnStar at Defcon 2015, an annual hacking conference that will be held from August 6th to the 9th in Las Vegas.

Article continues below