CarShark Software Lets You Hack Into, Control And Kill Any Car

CarShark's a computer program that'll let someone hack into a car's onboard computer system to kill the brakes, disable the engine, blast music and otherwise wreak electronic havoc. It's both clever and absolutely frightening. Here's how it works.

A team of researchers led by professors at the University of Washington and USCD hacked the Controller Area Network (CAN) system installed on all new cars built in the United States to show how potentially vulnerable the system is. The CAN is supposed to allow onboard vehicle systems to communicate so problems are easier to diagnose, but the hands of these hackers it's the open door to disabling a vehicle.

The researchers connected to the car via a simple OBD-II computer port and using the CarShark program, identified the packets of information being trafficked across the CAN. For some hacks they used a process called "fuzzing" and sent random bits of code to disrupt them. This caused horns to blow, trunks to pop and even the brakes to stop functioning. There's supposed to be a failsafe override for the brakes, but jamming the ABS solenoids could lock up the brakes so they're not usable.

The most frightening attack is called "self-destruct" and essentially counts down from 60 seconds on the dash clock and then shuts off the engine and locks the door.

Don't freak out too much. It's not a simple task for someone without a degree in computer science to access the CAN and rewrite the code for a modern car, but that it's possible at all is something scientists think automakers need to consider when protecting these systems.

The full research report can be found here.

[AutoSec, PC World, NYT]

Photo Credit: RT Design Studio/ShutterStock