Curry, who operates for New York-primarily based Yuga Labs, a blockchain-primarily based application development organization, is known in cybersecurity circles for his fascination in vehicle telematics.
In September 2022, a hacker achieved out to Curry to present him how he had breached Uber’s backend systems and compromised the trip-hailing service’s Amazon and Google-hosted cloud environments exactly where the company merchants its source code and consumer details.
The automakers and SiriusXM mentioned no mishaps resulted from the likely safety breach.
“Honda is knowledgeable of a documented vulnerability involving SiriusXM related auto providers furnished to several automotive models, which, according to SiriusXM, was resolved promptly right after they realized of it,” Jessica Fini, a Honda spokeswoman, said in a assertion. “Honda has viewed no indications of any destructive use of this now-fixed vulnerability to access connected car or truck services in Honda or Acura motor vehicles.”
In a statement, SiriusXM Linked Auto Services claimed that “the issue was settled in 24 several hours right after the report was submitted. At no stage was any subscriber or other knowledge compromised, nor was any unauthorized account modified employing this technique.”
Hyundai spokesman Ira Gabriel explained to Automotive Information that the automaker worked with third-social gathering consultants to look into the vulnerability as before long as Curry and his team introduced the protection challenges to their consideration.
“Importantly, other than the Hyundai autos and accounts belonging to the scientists them selves, our investigation indicated that no shopper cars or accounts ended up accessed by other folks as a end result of the challenges elevated by the researchers,” Gabriel mentioned.
To hack a Hyundai, Gabriel explained a person desired the electronic mail deal with related with the account, alongside with the VIN and the script, or code, made use of by the hackers.
Nonetheless, Hyundai applied countermeasures inside days of notification to even further enrich the protection and safety of its techniques, he stated.
Curry instructed Automotive News that he assumed automakers could make their smartphone purposes much more safe by way of standardization, but they each individual choose separate techniques in creating their applications.
“This is a genuinely sophisticated concern, but I’d like to consider our investigate helped solution some of them,” Curry stated. “Developing market requirements and standardizing protocols would assistance.”
