Cybercriminals Exploit CAN Injection Hack to Steal Cars
Cybercriminals are exploiting a vulnerability in the Controller Area Network (CAN) injection method to steal connected cars. The hackers gain network access through various methods, such as breaking open a headlamp and sending messages using its connection to the CAN bus, and then manipulating other systems to steal the car. Experts have assigned a CVE identifier (CVE-2023-29389) to the Toyota RAV4 hack. The attackers cannot directly connect to the smart key ECU but must reach it via the wires connected to the headlight only when both are on the same CAN bus. CVEs: CVE-2023-29389 [View Article](https://www.hackread.com/thieves-use-can-injection-steal-cars/)