FCA Recalls 1.4 Million Cars After Jeep Uconnect Hack
Fiat Chrysler Automobiles announced that it would voluntary recall 1.4 million vehicles to patch a security exploit that could allow hackers to infiltrate a car’s vital systems.
The recall would apply to cars fitted with the Uconnect 8.4-inch touchscreen. A story released by Wired magazine this week detailed two hackers’ system that could take over a Jeep Cherokee and control the car’s systems, including throttle, braking and steering.
Jeep released the update last week, saying the patch was for “nothing in particular” and that they “continuously test vehicles systems to identify vulnerabilities and develop solutions.”
The release required owners to download the update onto a USB drive and install it themselves, or go to a dealership. FCA will mail affected owners a USB drive with the update now.
According to FCA, the company is unaware of any injuries related to the hack.
In a statement by the company, FCA says they’ve also implemented network-level security measures to prevent further hacks.
“Further, FCA US has applied network-level security measures to prevent the type of remote manipulation demonstrated in a recent media report. These measures – which required no customer or dealer actions – block remote access to certain vehicle systems and were fully tested and implemented within the cellular network on July 23, 2015.”
The affected models, according to FCA are:
- 2013-2015 Dodge Viper
- 2013-2015 Ram 1500, 2500 and 3500 pickups
- 2013-2015 Ram 3500, 4500, 5500 Chassis Cabs
- 2014-2015 Jeep Grand Cherokee and Cherokee SUVs
- 2014-2015 Dodge Durango SUVs
- 2015 MY Chrysler 200, Chrysler 300 and Dodge Charger sedans
- 2015 Dodge Challenger
Owners can check an FCA site to see if their VIN is included in the recall.
FCA said the hack required extensive work and was not a defect:
The software manipulation addressed by this recall required unique and extensive technical knowledge, prolonged physical access to a subject vehicle and extended periods of time to write code.
No defect has been found. FCA US is conducting this campaign out of an abundance of caution.
More by Aaron Cole
Comments
Join the conversation
It'd be funny if it wasn't so sad. As a kid I'd look up to professionals with the utmost respect. So disappointing. You can be a halfwit, and still be a successful engineer. You've just got to be good at memorizing a bunch of junk, then put on a decent show for other halfwits that memorized a bunch of other stuff. I've fired more "Pros", everything from electricians to lawyers, from knowing more than they do about the task at hand. Ridiculous.
From the article in Wired magazine: "...A set of GPS coordinates, along with a vehicle identification number, make, model, and IP address, appears on the laptop screen. It’s a Dodge Ram. Miller plugs its GPS coordinates into Google Maps to reveal that it’s cruising down a highway in Texarkana, Texas. He keeps scanning, and the next vehicle to appear on his screen is a Jeep Cherokee driving around a highway cloverleaf between San Diego and Anaheim, California. Then he locates a Dodge Durango, moving along a rural road somewhere in the Upper Peninsula of Michigan. When I ask him to keep scanning, he hesitates. Seeing the actual, mapped locations of these unwitting strangers’ vehicles—and knowing that each one is vulnerable to their remote attack—unsettles him." Hackers could pick a vehicle at random and kill the occupants. Automakers need to fix this NOW!