GM's OnStar RemoteLink App Hacked And Fixed Within 24 Hours - GM Authority (blog)
Cleverly called OwnStar , the hack was confirmed to be legitimate by GM-OnStar. Using the OwnStar device, Kamkar could access all of the functions available to a user logged into the OnStar RemoteLink app, including locking and unlocking doors, activating the horn and lights, starting the engine, and even finding the exact... For instance, Kamkar couldn’t drive the car away after unlocking the doors without having the vehicle’s key or key fob — a security feature available in all General Motors vehicles. In addition, the cars started remotely using Kamkar’s hack will automatically shut off after 10 minutes, and can only be started remotely twice until the owner physically entered the vehicle and started it from the cabin. The good news is that General Motors quickly issued a fix to its own systems, which Kamkar discovered was not enough to fully address the issue. GM confirmed this and, hours later, issued an update to the OnStar RemoteLink app on the iOS platform that addresses the issue. OnStar is a wholly owned subsidiary of General Motors (GM Holdings LLC) providing automotive telematics services. The service launched launched in 1996 and provides in-vehicle safety, security and connectivity services in Chevrolet, Cadillac, Buick-GMC, and Opel-Vauxhall. Source: gmauthority.com
