A newly discovered vulnerability in Kia's system allows hackers to gain full control of a car by knowing only its license plate number. This discovery raises serious concerns about the safety of modern cars.
Kia Vulnerability
New Security Threat
Two years after the sensational Kia Challenge, the Korean automaker again found itself at the center of a scandal. This time, a critical vulnerability has been identified that allows attackers to unlock and start any Kia car with only information about its registration number.
The essence of the problem
Cybersecurity researcher Sam Curry and a colleague discovered a serious flaw in the Kia dealer system. This flaw opens up the possibility of gaining control of a vehicle without physical access to the key or the vehicle itself.
Hacking mechanism
The problem lies in the Kia Connect application, designed to remotely control vehicle functions. Curry identified a vulnerability in the communication process between the program and Kia servers. Using the methodology used by dealers to register new cars through the KIA KDealer platform, the researcher was able to imitate the actions of an official dealership.
Access process
To carry out the hack, Curry developed a tool that uses a third-party API to match the license plate to the vehicle's VIN. This allowed him to remotely access any Kia model produced in the last decade in a matter of seconds.
Scope of threat
In addition to control of the car, the hacker gains access to the owner's personal data, including name, contact information and location vehicle. Moreover, an attacker can add himself as a hidden user, and on some models even gain access to on-board cameras.
Background to security problems
A vulnerability in Kia and Hyundai systems was previously identified due to the lack of an electronic immobilizer in models produced in the USA from 2011 to 2021. This problem still negatively affects the reputation of Korean automakers and creates difficulties for owners when it comes to car insurance.
Manufacturer's response
Fortunately, Kia was informed of the new vulnerability before it became widely known and successfully fixed the problem. However, the very fact of the discovery of such a serious security gap raises reasonable doubts about the reliability of the protection of cars of this brand.
Glossary
- Kia Challenge - a viral trend associated with the theft of Kia and Hyundai cars
- VIN code - unique vehicle identification number
- Kia Connect - application for remote control of Kia vehicle functions
- KIA KDealer - platform for Kia dealers
- Immobilizer - an electronic device that prevents car theft
Links
Answers to questions
Q What is the new vulnerability of Kia cars?
How do hackers gain access to personal data of Kia owners?
What problems did Hyundai and Kia owners encounter after the vulnerability was discovered two years ago?
How did Kia respond to the new security vulnerability?
What are the risks of using the Kia Connect program?
Hashtags
Save a link to this article
Discussion of the topic – New Kia vulnerability: how hackers can steal your car using a license plate
A hacker has discovered a new vulnerability in Kia cars that allows the car to be unlocked and started, knowing only the license plate number. This comes two years after the Kia Challenge, which uncovered ways to steal Kia and Hyundai models made after 2011.
Latest comments
8 comments
Write a comment
Your email address will not be published. Required fields are checked *
Olivia
Wow! 😱 I just bought a new Kia and now I'm learning about this vulnerability. How can you now be sure of the safety of your car?
Miguel
Olivia, I understand your concern. But don't panic ahead of time. I'm sure Kia is already working on fixing this problem. In the meantime, I advise you to install an additional alarm or GPS tracker. 🚗🔒
Anna
Guys, maybe this is just an exaggerated story? 🤔 I've owned a Kia for 5 years and haven't had any problems. I think the manufacturer will quickly fix everything.
Hans
Anna, it's better not to underestimate the threat. I work in IT security and vulnerabilities like this are a serious problem. Kia must urgently release a software update and strengthen the security of its systems. 💻🔐
Gerhard
All this electronics in cars is a complete headache. My good old 1985 Volkswagen has no such problems. Key in the ignition and off we go. No hackers or vulnerabilities for you. 🚗
Sophia
Gerhard, your position is clear, but progress cannot be stopped. 😊 Modern cars are much safer and more economical. I think Kia will learn from this situation and strengthen its protection. The main thing is not to ignore the problem.
Pierre
I agree with Sophia. We need to move forward and not return to old technologies. I am confident that Kia will quickly fix this vulnerability. In the meantime, I advise all owners to be vigilant and follow updates from the manufacturer. 🚀🔧
Olivia
Thanks everyone for the advice! 🙏 I will follow the news from Kia and will definitely install additional protection. Pierre, you're right, you need to be aware of all the updates. I hope the manufacturer quickly solves this problem!