Illustration of a thief. Photo: Special
A cybersecurity expert specializing in automotive security, Ian Tabor proves, that it is made possible by signal hijacking methods.
He even managed to break into a Toyota SUV and managed to thrash him. As reported by TechSpot, Ian conducted his research by identifying CVE-2023-29389 and said that the Toyota RAV4 vehicle is able to automatically trust messages from other electronic control units (ECU).
“By pulling the bumper to expose the headlight connectors, people can gain access to the CAN bus, allowing them to send fake key validation messages. Once validated, thieves can start the car and drive away without any problems,” he said, quoted Monday (10/4/2023) .
After researching data and communication behavior across the CAN bus RAV4, Ian found that another ECU failed at the same time as the CAN bus fault. Ian then conducted additional research via YouTube, the dark web, and other sources.
He then teamed up with another automotive safety expert, Ken Tindell and successfully re-engineered the emergency start device, developing an understanding of how the device communicates with Toyota’s CAN bus.
Ian and Ken use additional tools in the form of JBL portable speakers. The dummy dial on the speaker case is then wired to the PIC18F chip. When pressed, the CAN message instructs the door ECU to unlock the vehicle doors.
Once unlocked, they removed the CAN Injector, got into the car, and drove off. Full details about the device, how it works, and how easy it is to build are on the Canis Automotive Labs website.
While the attack was successful on an SUV, the Toyota RAV4 is not unlikely in the future to have a similar attack on other vehicles using the same technology and architecture.
Ian and Ken have informed Toyota of the vulnerability, in the hope that it will be strengthened and no longer exploited. Unfortunately, there has been no response from the manufacturer for the vulnerabilities that exist.
(san)
