A hacker who goes by the handle Jmaxxz has exposed a series of vulnerabilities in a remote-based automobile app that may have exposed around 60,000 cars to hackers.
In a talk at the Defcon hacker conference in Las Vegas on Saturday, Jmaxxz identified several issues in a system called “MyCar” — developed by Canadian company Automobility, Wired reported.
Based on a scan of MyCar’s exposed database, Jmaxxz estimates that there were roughly 60,000 cars left open to theft by security bugs, with enough exposed data for a hacker to even choose the make and model of the car they wanted to steal.
MyCar’s devices and apps connect to radio-based remote start devices like Fortin, CodeAlarm and Flashlogic using GPS and a cellular connection to extend their range using an Internet connection.
Jmaxxz claims that the danger of these glitches is beyond theft or remote alarm-triggering pranks. Remotely starting a car without the owner’s knowledge could lead to dangerous carbon monoxide leaks which could be fatally dangerous.
Addressing the matter, MyCar’s parent company has said that all the resources at their disposal have been used to promptly address the situation, the report added.