BrianKrebsSep 26, 2024

Heads up to Kia owners/potential buyers: Today, a group of independent security researchers revealed that they'd found a flaw in a web portal operated by the carmaker Kia that let the researchers reassign control of the internet-connected features of most modern Kia vehicles—dozens of models representing millions of cars on the road—from the smartphone of a car’s owner to the hackers’ own phone or computer. By exploiting that vulnerability and building their own custom app to send commands to target cars, they were able to scan virtually any internet-connected Kia vehicle’s license plate and within seconds gain the ability to track that car’s location, unlock the car, honk its horn, or start its ignition at will.

https://www.wired.com/story/kia-web-vulnerability-vehicle-hack-track/

Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug

Researchers found a flaw in a Kia web portal that let them track millions of cars, unlock doors, and start engines at will—the latest in a plague of web bugs that’s affected a dozen carmakers.

WIRED
Show threadFish Id Wardrobe ⁂

@briankrebs Ah, the Kia, whose owners sign a T&C that says the company are allowed to collect data from them for a long list of things, including sexual activity…

https://foundation.mozilla.org/en/privacynotincluded/kia/

*Privacy Not Included review: Kia

How creepy is your car? We read the privacy policies so you don’t have to. Learn how your favorite car brand stacks up when it comes to protecting your privacy and security.

Mozilla Foundation
Sep 26, 2024 at 8:06pmWeb