Breath of the RF Field presented at ReconMontreal2018 2018

by James Chambers,

Summary : Nowadays any recent car up to 5 years old comes with something called “Infotainment”, this is that IPad-looking screen that allows you to use the GPS Navigation, select your favorite music from your IPod, make or receive calls while speaking through the Car’s speakers, or even ask the Car to read a SMS message for you, that along with the latest self-driving technologies popping up everywhere cannot longer be handled by a microcontroller, it requires an embedded OS to support all those features and therefore the world started worrying about the possibility to get Ransomware on the Car or an Infostealer reading all your SMS messages while you are driving, or triggering a DoS on the CAN Bus so that the Car cannot work properly, etc. All those scenarios used to be hypothetical until now, we grabbed an infotainment, broke into it and reversed engineer all its main components with one goal in mind: to infect the Infotainment with malware that can be commanded remotely through SMS messages.