2 min Security

Skoda cars can be hacked remotely

Skoda cars can be hacked remotely

There is a vulnerability in the infotainment system of Skoda Superb III sedan cars, allowing hackers to obtain GPS coordinates and speed information remotely. In addition, conversations can be recorded via the car’s microphone.

So say security researchers at PCAutomotive. They have discovered twelve new vulnerabilities in Skoda’s information system. These vulnerabilities can be exploited to install malware in the car. To do so, a hacker must connect to the Skoda Superb III’s infotainment system via Bluetooth. The attack can be performed within a distance of 10 meters and does not require authentication.

Consequences

If hackers succeed in their attack, they can execute malicious code every time the infotainment system is started. In addition to accessing GPS coordinates, speed information, and the ability to record conversations, they can remotely take screenshots of the infotainment screen and play sounds in the car.

In addition, phone contacts can be retrieved if contact synchronization with the car is enabled. “Usually phones are encrypted, so you cannot easily extract the contact database,” explained a PCAutomotive researcher. “In the case of the infotainment unit, you can — the contact database is stored in plaintext.”

The researchers stress that they found no vulnerabilities allowing critical actions such as taking over steering or braking functions. Skoda announced that the vulnerabilities in the infotainment system have since been addressed and that there is ongoing attention to improvements in this area.

Tip The industrial sector is under cyber attack: what can be done about it?