Slashdot Mirror

← Back to Stories (view on slashdot.org)

You Can Hack Some Mazda Cars With a USB Flash Drive (bleepingcomputer.com)

Posted by BeauHD on from the easy-as-1-2-3 dept.

An anonymous reader writes: "Mazda cars with next-gen Mazda MZD Connect infotainment systems can be hacked just by plugging in a USB flash drive into their dashboard, thanks to a series of bugs that have been known for at least three years," reports Bleeping Computer. "The issues have been discovered and explored by the users of the Mazda3Revolution forum back in May 2014. Since then, the Mazda car owner community has been using these 'hacks' to customize their cars' infotainment system to tweak settings and install new apps. One of the most well-designed tools is MZD-AIO-TI (MZD All In One Tweaks Installer)." Recently, a security researcher working for Bugcrowd has put together a GitHub repository that automates the exploitation of these bugs. The researcher says an attacker can copy the code of his GitHub repo on a USB flash drive, add malicious scripts and carry out attacks on Mazda cars. Mazda said the issues can't be exploited to break out of the infotainment system to other car components, but researchers disagreed with the company on Twitter. In the meantime, the car maker has finally plugged the bugs via a firmware update released two weeks ago.

1 of 52 comments (clear)

  1. This is a repeat from the mid 70's to early 90's by Snotnose · · Score: 2, Informative

    The gas crisis hit. Cars suddenly had to hit smog standards. At the same time mandatory seat belt laws came into effect. The result was poorly performing cars with pain in the ass seatbelt restraints. I had an '87 Ford Escort, with a shoulder harness that slid along a track. It sucked. As did the car. In every possible way. As in, replacing all light bulbs within 2 years. Rear seat floor rusting out after 4 years (Just past warranty) (In San Diego, no salted roads). Sold it at 80k miles cuz of fan belt squeal. Caused by a crankshaft pulley way off center that would take an engine rebuild to fix.

    Back then they shaved corners off everything they could, hence shitty cars. Now, they're using shitty firmware that is going to make the cars seriously avoidable for a good 10 years, until they wrap they're hide bound necks around software and security.

    / That '87 Ford Escort?
    // biggest pile of shit I've ever driven
    /// I'll probably never buy another American car again (I'm 59 in 3 weeks, YMMV).