Nissan Leaf Electric Car Vulnerable To Hacking
Troy Hunt reported the flaw after reporting it to Nissan, giving the company a month to fix the issue before making the flaw public. Nissan said it could not yet comment.
Although the problem is not life-threatening, Hunt told BBC News, hackers can still take advantage of the NissanConnect appÂ’s vulnerability to cause mischief by running down peopleÂ’s batteries, the report said.
"The right thing to do at the moment would be for Nissan to turn it off altogether," Hunt told the BBC. “They are going to have to let customers know. And to be honest, a fix would not be hard to do. It's not that they have done authorization [on the app] badly, they just haven't done it at all, which is bizarre."
To confirm the problem existed, Hunt used the VIN number of a Nissan Leaf-owning acquaintance based in the UK, the report said.
"I was sat in the vehicle with everything powered off and didn't have my key on me," recalled Scott Helme, who is also a cybersecurity adviser.
"So, the vehicle was as it would be if it was completely unattended.
"As I was talking to Troy on Skype, he pasted the web address into his browser and then maybe 10 seconds later I heard an internal beep in the car.
Related News
Maryland’s renewable energy facilities break pollution rules, say groups calling for enforcement
BALTIMORE - Many facilities that supply Maryland with renewable energy have exceeded pollution limits or otherwise broken environmental rules, violating a state law, according to a complaint sent by environmental groups to state energy and law enforcement officials.
Maryland law says that any company that contributes to a state renewable energy goal — half the state’s energy portfolio must come from renewable sources by 2030 — must “substantially comply” with rules on air and water quality and waste management. The complaint says more than two dozen power generators, including paper mills and trash incinerators, have records of formal or informal enforcement…
