OnStar Hack Can Open Doors, Start Car, Track Driver

Aaron Cole
by Aaron Cole

Not content with scaring the bejesus out of Chrysler owners, Wired has uncovered a hacker who says he can open a GM car with OnStar, start it or track it remotely. The only thing he can’t do is put the car in gear or steer it, which still requires a key.

Hacker Samy Kamkar says his $100 device can seriously annoy — or seriously rob — a GM car owner if he wanted it to. GM promptly responded by saying it fixed the flaw in a way that owners won’t have update their cars.

Kamkar said his exploit wasn’t mean to cause mayhem, but rather to show how modern, technological cars can be vulnerable to hackers.

Kamkar’s hack wasn’t as simple as the St. Louis duo’s Uconnect exploit that prompted a recall earlier this month.

A WiFi-enabled box would be attached to the target vehicle and emulate a well-known network, such as a popular coffee shop hotspot. Assuming the user logged onto the phony network and launched the GM RemoteLink app, Kamkar’s hack could retrieve the car’s data, including position. Kamkar could unlock the doors — or start the car.

“As soon as you’re on my network and you open the app, I’ve taken over,” Kamkar told Wired.

Kamkar said he’s only tried the hack on his friend’s 2013 Chevrolet Volt, but he’s confident the system would work on any OnStar-enabled car.

GM said it became aware of the hack a few days ago and patched the issue within hours of the story’s publish earlier today.

Surprisingly, this photo is provided by the manufacturer.

Aaron Cole
Aaron Cole

More by Aaron Cole

Join the conversation
7 of 19 comments
  • Volt 230 Volt 230 on Jul 30, 2015

    What you are referring to is mechanical sabotage, yeah, someone can cut my brake lines or put water in the master cylinder, or sugar in my tank, this is different, the systems in new cars are ripe for this kind o electronic hacking

    • See 1 previous
    • Exfordtech Exfordtech on Jul 31, 2015

      Sugar actually won't dissolve in gasoline. If enough is in the tank it can clog the pump screen, the fuel filter if any gets by the screen, and possibly the injectors if any makes it that far. Much better revenge is (according to a local bookie who knew a guy that did collecting) a Snickers bar, apparently the caramel will make it's way to the engine. Don't know if it's true, my guess is it simply clogs the pump screen. Leg breaking was discouraged, as it leaves the debtor unable to make payments, but a follow up phone call with a question of "how's ya car runnin', pay me" was much more effective.

  • Greg Locock Greg Locock on Jul 30, 2015

    "Assuming the user logged onto the phony network" If you go around logging into phony networks then people switching your car on and off remotely is the least of your worries. The Truth About ClickBait.

    • Power6 Power6 on Aug 01, 2015

      Many phones will remember SSIDs. If you use any open networks like starbucks the.you are open to spoofing with no action needed on your part.

  • Dwford Dwford on Jul 30, 2015

    It's interesting that I've noticed changes to the functionality of my Intellilink system, but not acknowledgment that GM does over the air updates...

  • Shaker Shaker on Jul 31, 2015

    I used Remote Link for the 3-month trial period on my '13 Malibu, and it was cool to be able to remote start my car using my cellphone. Using it that way, it is like a cell-phone call; it can't be intercepted/spoofed locally, so this hack couldn't work. I didn't know that Remote Link could be used locally over Wi-Fi (cheapskate owners don't want cell charges?) - of course it could be hacked/intercepted, like a garage door opener - and it would have limited range/usefulness. Seems like yet ANOTHER case against Wi-Fi in cars.