Team-BHP > Electric Cars

Thread Tools Search this Thread
Old 26th February 2016, 14:06   #1
Distinguished - BHPian
Rajeevraj's Avatar
Join Date: Aug 2011
Location: Bangalore
Posts: 4,037
Thanked: 12,800 Times
Default Nissan suspends Mobile App of the Leaf Electric Car, post a hacking demonstration

Nissan Motor said Friday it has suspended a mobile phone application for a pair of electric vehicles, including the world's top selling Electric Car, The Leaf, after finding it can be easily hacked. The App can be used to control the Air Conditioning systems and also be used to access user information and trip related data.

This expose was done by Computer security researcher and hacker Troy Hunt using just a web browser and an Internet connection, with an unmodified Nissan Leaf in another country. While so far the control was limited to the HVAC system, it’s a revealing demonstration of what’s possible.

Hunt writes that his experiment started when an attendee at a developer security conference where Hunt was presenting realized that his car, a Nissan Leaf, could be accessed via the internet using Nissan’s phone app. Using the same methods as the app itself, any other Nissan Leaf could be controlled as well, from pretty much anywhere.

Hunt made contact with another security researcher and Leaf-owner, Scott Helme. Helme is based in the UK, and Hunt is based in Australia, so they arranged an experiment that would involve Hunt controlling Helme’s LEAF from halfway across the world. Below is a Here’s the video they produced of that experiment:

In the video, Hunt, who is in Australia, controls the Leaf of Helme who is in England. Using the API calls (which are said to be unsecured) via the browser, he is able to turn on and off the Air Conditioning Systems of the car. He is also able to get full trip log details. The identification on which car to do this to is via the VIN. He says this can be done to any Leaf anywhere in the world and does not require the car to be on or the driver to be in the car.

URL's to trigger

Nissan suspends Mobile App of the Leaf Electric Car, post a hacking demonstration-hack1.jpg

Returns Success. Blue indictor which indicates that the HVAC systems are on and working.

Nissan suspends Mobile App of the Leaf Electric Car, post a hacking demonstration-hack2.jpg

Trip Data Log returned

Nissan suspends Mobile App of the Leaf Electric Car, post a hacking demonstration-hack3.jpg

Nissan said the app, which controls the vehicles' air-conditioning systems, was currently unavailable but stressed no other "critical driving elements" were affected in the Leaf and eNV200 models. "Drivers across the world can continue to use their cars safely and with total confidence," it added.

Source: Online Reports.

Last edited by Rajeevraj : 26th February 2016 at 14:15.
Rajeevraj is offline   (1) Thanks

Most Viewed
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Copyright 2000 - 2021,
Proudly powered by E2E Networks