OwnStar: Researcher hijacks remote access to OnStar [Updated]
Update, Friday July 31: OnStar has issued a mobile app update for the iOS version of RemoteLink that closes the vulnerability used in the attack described in this article. GM customers with OnStar-equipped vehicles should install the application update as soon as possible to reduce risk of attack. Users of RemoteLink on other mobile platforms don’t need to take any action, according to OnStar.
Samy Kamkar, a Los Angeles-based security researcher and hardware hacker, has created a device called OwnStar that can find, unlock, and remote start General Motors cars equipped with OnStar. The hack, which is based on an exploit of OnStar’s mobile software communications channel, exposes the credentials of a car’s owner when it intercepts communications with OnStar’s service. The device will be demonstrated at next week’s DefCon security conference in Las Vegas.
The OwnStar device can detect nearby users of the OnStar RemoteLink application on a mobile phone and can then inject packets into the communication stream to the phone, getting it to give up additional information about the user’s credentials. Those credentials can then be used to gain access to the vehicle’s OnStar account and the full functionality of the OnStar RemoteLink app.