Researchers: California’s Digital License Plates Could Allow Hackers to Track Location

Security researchers were able to gain “super administrative access” to Reviver, the sole provider of California’s digital license plates, and track the GPS location of all of vehicles they are associated with.

A team of security researchers successfully obtained “full super administrative access,” which allowed them to perform a slew of tasks involving the company’s user accounts and vehicles, according to a blog post by researcher Sam Curry.

After gaining access, a hacker could track the physical GPS location of all license plates of Reviver customers, as well as change the slogan or personalized message at the bottom of the plates to arbitrary text.

The personalized messages on the license plates involves a feature that allows customers to digitally update the bottom section of their plates to display different messages, such as, “Go Team!” or “looking for a trail.”

Additionally, a hacker could update any vehicle status to “STOLEN,” which would alert authorities.

“An actual attacker could remotely update, track, or delete anyone’s REVIVER plate,” Curry wrote in his blog post, revealing that he and his team had found security vulnerabilities across the automotive industry, not just with Reviver.

Keep reading

Author: HP McLovincraft

Seeker of rabbit holes. Pessimist. Libertine. Contrarian. Your huckleberry. Possibly true tales of sanity-blasting horror also known as abject reality. Prepare yourself. Veteran of a thousand psychic wars. I have seen the fnords. Deplatformed on Tumblr and Twitter.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: