A flaw in the new Chrysler Uconnect radios that have the Internet option, can let a hacker remotely kill the transmission on your vehicle as you drive.
Chrysler has just released a software update for the problem that leaves the vehicles open to attack on the CAN bus, which controls steering, brakes and transmission.
The flaw impacts certain models of the 2013-2014 Dodge Ram, the 2013-2014 Dodge Viper, the 2014 Jeep Cherokee, Jeep Grand Cherokee, and Dodge Durango, reports Wired.
To show the flaw, hackers Charlie Miller and Chris Valasek, remotely disabled a Jeep Cherokee on a St. Louis highway driven by a Wired reporter. The hackers were able to infiltrate through the Sprint 3G network. They were able to locate a car on the network as a remote target and then perform all sorts of mischief, including activating the windshield wipers, changing radio stations and then disabling the transmission.
On July 16, Chrysler released a Technical Service Bulletin (TSB) for a software update to patch the security issue, telling consumers only that it was improving “vehicle electronic security and communications system enhancements.”
Miller and Valasek’s informative mischief has also led to the expected proposal of new legislation.
Check out the Wired story here.
Photo: Pictured in Wired, Charlie Miller, Security Engineer for Twitter and Chris Valasek, Director of Vehicle Safety Research, IOActive