PHEV alarm can be switched off using hacked wifi [merged]

Hmmm, makes you wonder .... What if 'they' update the firmware of the REMOTE ECU (which we know can be done over WiFi) with a version that is less of a firewall and more of a passthrough to the CANBUS .....

That would indeed allow them to do virtually everything. Except for unlock my BearLock .... ;)
 
Mitsubishi UK contacted me with this information:

It was brought to our attention at the end of last week that there is a possibility that the Wi-Fi system installed in the Mitsubishi Outlander PHEV can be accessed using the Mobile App without authorisation from the vehicle’s owner. We take this matter very seriously and are actively working with all parties to better understand and resolve the issue.

This ‘hacking’ can only occur when within range of the vehicle’s Wi-Fi. Once the hacking has taken place, it is possible for the alarm to be deactivated. Even if the alarm were deactivated the vehicle remains locked and secure. In this state, however, should someone try to gain entry to the vehicle by forced access, the alarm would not sound.

At this early stage, until further technical investigation has taken place, we would recommend that the Wi-Fi is deactivated using the ‘Cancel VIN Registration’ option on the app, or by using the remote app cancellation procedure. All devices paired to the vehicle’s Wi-Fi using the PHEV App must be deleted. Once all paired devices are unpaired/deleted from the Wi-Fi module, the Wi-Fi module will effectively go to sleep, eliminating any risk.
Full article:
http://www.mitsubishi-cars.co.uk/outlander/remote-app.aspx
 
anko said:
Hmmm, makes you wonder .... What if 'they' update the firmware of the REMOTE ECU (which we know can be done over WiFi) with a version that is less of a firewall and more of a passthrough to the CANBUS .....

That would indeed allow them to do virtually everything. Except for unlock my BearLock .... ;)
I am fairly sure that the Cobra alarm is outside the Canbus.
 
Hi, question for the legal eagles out there:

Is the act of hacking into someone's wifi without permission breaking the law? I remember a case some 10 years ago in the UK when a kid used his neighbour's internet wifi connection without permission. Also found the Computer Misuse Act 1990 in the UK which might apply.
 
jaapv said:
anko said:
Hmmm, makes you wonder .... What if 'they' update the firmware of the REMOTE ECU (which we know can be done over WiFi) with a version that is less of a firewall and more of a passthrough to the CANBUS .....

That would indeed allow them to do virtually everything. Except for unlock my BearLock .... ;)
I am fairly sure that the Cobra alarm is outside the Canbus.
The Cobra alarm is enabled / disabled by the car keys. I assume it would be possible to make the car believe "Open" was pressed on the FOB by sending CANBUS messages. If you have the supplemental Cobra Driver Cards + additional immobiliser, that would be a different story.
 
neergh said:
Hi, question for the legal eagles out there:

Is the act of hacking into someone's wifi without permission breaking the law? I remember a case some 10 years ago in the UK when a kid used his neighbour's internet wifi connection without permission. Also found the Computer Misuse Act 1990 in the UK which might apply.

If the WIFI is open with no encryption then it's fine.

If the encryption is hacked/broken then that's against the law.
 
anko said:
jaapv said:
anko said:
Hmmm, makes you wonder .... What if 'they' update the firmware of the REMOTE ECU (which we know can be done over WiFi) with a version that is less of a firewall and more of a passthrough to the CANBUS .....

That would indeed allow them to do virtually everything. Except for unlock my BearLock .... ;)
I am fairly sure that the Cobra alarm is outside the Canbus.
The Cobra alarm is enabled / disabled by the car keys. I assume it would be possible to make the car believe "Open" was pressed on the FOB by sending CANBUS messages. If you have the supplemental Cobra Driver Cards + additional immobiliser, that would be a different story.
I did not even know there was a version without driver card.
 
I'm really not worried about someone hacking into my car wifi... The biggest issue we have around here (I'm 20km north of central Stockholm, Sweden) is the mobs from across the Baltic who come and steal car tyres. I had a neighbour who left his house for work one day and found his Volvo stacked on bricks. It's a very quiet, very low-crime neighbourhood too. But every so often the thugs come to town and take tyres. :roll:
 
My experience may be atypical, but I don't know many people in the UK who own a 'normal' modern vehicle and who've bothered to improve on the manufacturer's alarm/immobiliser system. Certainly insurers will rarely insist on it. I think we have a couple of extra security 'devices' unavailable to our continental friends:

1. Right-hand drive makes a stolen British car less attractive for resale overseas.

2. Getting a stolen car out of the UK means taking it through one of a handful of ferry ports, whereas a car stolen in Berlin can be driven out of the EU to Minsk or Lviv in under 10 hours.
 
There hasn't been an update, so I'd guess not. It isn't actually much of an issue, unless you live in an area where your car can be lifted onto a low-loader and taken away without anyone noticing. (And even then, who pays any attention to a sounding car alarm?)
 