More insecure software around car (in)security

As I mentioned already, anything that runs software has to abide to secure coding principles.

Cars run more software than many other devices around us. And they run special software… which needs to be taken care of by other special software. And when that software is vulnerable, then you’re in trouble!

Now some researchers discovered that by exploiting a zero-day exploit found in car mechanics software used to debug and fix cars sold by the Volkswagen Group. This software is built and sold by third-parties, not Volkswagen. This is not new, I already wrote an article about this: As expected: the USB Stick-like infection from PCs goes to automotive as well!


The researchers said they only experimented with the exploit on an Audi TT model, but other car makes and models may be vulnerable as well, at least in theory.

The attack leverages poor PC security measures, not the actual car software (source: Softpedia)

The attack, as described by the three scientists, relies on infecting with a car dealership’s computers with malware which leverages this vulnerability in the car computer debug tools used by mechanics.

When this tool is connected to an Audi TT to perform routine maintenance checks or fixes, the malware will turn off the car’s airbags system, all without the mechanic or the car owner noticing it.

Nice… Plug and infect. Just like the old boot infector viruses.


How can you prevent this?

Several mechanisms can be used to prevent something like this:

  • Never connect a diagnostics computer to the Internet. If updates are required, install them via DVD or with a special software via a host computer. No matter how you turn this situation, it is required to have updates. And it is more likely that they come via Internet than via a DVD or USB stick.
  • Block USB ports on diagnostic computers
  • Have an antivirus installed on all computers.

© Copyright 2015 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check for seeing the consulting services we offer.

Visit for latest security news in English
Besuchen Sie für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .
%d bloggers like this: