Learn how to identify and exploit vulnerabilities in automotive systems through this technical presentation that examines remote car hacking via OBD-II Bluetooth dongles. Explore potential attack vectors, hardware security bypasses, and firmware manipulation techniques as security researchers Aaron Luo and Spencer Hsieh from VicOne's Automotive Cyberthreat Research Lab demonstrate compromising vehicle systems through mobile app weaknesses, Bluetooth pairing vulnerabilities, and CAN bus message forgery. Gain detailed insights into automotive cybersecurity concepts including development backdoors, over-the-air update mechanisms, hardware protection circumvention, and practical exploitation methods that enable remote vehicle control. Follow along with hands-on demonstrations covering Android app modifications, SWD debugging, integrity check algorithms, and real-world examples like remotely controlling car windows through compromised OBD-II dongles.
Remotely Hacking Cars Through OBD-II Bluetooth Dongles - Security Vulnerabilities and Attack Vectors
Automotive Security Research Group via YouTube
Overview
Syllabus
Intro
Welcome
Common Attacks in Automotive
Vehicle Network
PIN Layout
Mobile Edge
Advertiser
TMobile
Specifications
Mobile App
Android App
Weakness
Uber Tools
Android App Modification
Update Framework
Setup
Hardware Security
Disable Hardware Security
Hidden Function
SWD Debug
Integrity Check Algorithm
Research
Automatic Window Closer
Remotely Close Windows
Modify Android App
Demo
Summary
Conclusion
Taught by
Automotive Security Research Group
