All it took was knowing the license plate, and millions of KIA cars could be hacked in a matter of seconds.
Unión Rayo reports that ethical researchers Sam Curry and Neiko Rivera found the vulnerability.
It all starts with the portal Kia offers so users can connect their smartphones to the car. From there, they can use remote commands like locking doors, honking the horn, or starting the engine. But Curry and Rivera discovered that it was possible to trick the system into thinking any phone was the owner’s.
Once inside, they had full control of the vehicle. And the most serious part: the hack worked even if the driver had deactivated the car’s connected services.
The researchers were clear. As long as that gap existed, the only way to avoid the risk was to remove the vehicle’s SIM card or fully disable the internal modem. A drastic solution that, of course, puts these systems’ reliability into question.
Read more at Unión Rayo. Keep in mind that this problem is not confined to KIA and affects other brands as well.