Security News > 2023 > April > CAN do attitude: How thieves steal cars using network bus
Automotive security experts say they have uncovered a method of car theft relying on direct access to the vehicle's system bus via a smart headlamp's wiring.
A Controller Area Network bus is present in nearly all modern cars, and is used by microcontrollers and other devices to talk to each other within the vehicle and carry out the work they are supposed to do.
In a CAN injection attack, thieves access the network, and introduce bogus messages as if it were from the car's smart key receiver.
In reality, the faults were generated as the thieves broke into a front headlamp and tore out the wiring, and used those exposed connections to electrically access the CAN bus and send messages telling other parts of the system to basically give the miscreants the car.
The fake speaker comes with cables you insert into an exposed bus connector, you press a button on the box, and it sends the required messages to unlock the car.
Back in 2016, security researchers demonstrated how crooks could break into cars at will using wireless signals that could unlock millions of vulnerable VWs. .
News URL
https://go.theregister.com/feed/www.theregister.com/2023/04/06/can_injection_attack_car_theft/