Thousands of Chrysler vehicles can be hacked into from any computer connected to the internet, cutting out breaks, steering and transmission, according to two security experts and hackers who spend the last year creating a Uconnect hack.
Recently, a 2014 Jeep Cherokee was tested out by WIRED editor Andy Greenberg, who let the hackers attack his vehicle from the comfort of their couch as he proceeded down the highway.
Charlie Miller, security engineer at Twitter and Chris Valasek, director of vehicle safety research at Idactiv, triggered Greenberg’s PTSD by cranking the volume of the music and level of the fan in the vehicle, then activating the parking brake as the journalist drove down a busy highway.
So far, the hack has only been tested on the 2014 Jeep, but the team says that all late-model Chryslers equipped with Uconnect software are vulnerable.
According to Greenberg, who followed up on the security issue, Chrysler has since released a software update for the Uconnect issue. Chrysler posted a notice to its website informing its customers about a “software update to improve vehicle electronic security.”
For late-model Chryslers with Uconnect, owners are advised to update their software by entering their VIN number on Chryslers website, download the update to a USB, connect the USB to the vehicle, and answer the vehicle’s prompt, “Yes,” the owner confirms he wants to update the software.
This update is also a free service for anyone who brings their Chrysler into a dealership.
By James Haleavy
[youtube id=”MK0SrxBC1xs” align=”center” autoplay=”no”]