1978 Jeep Cj on 2040-cars

Auto blog

Jeep in St. Louis hacked from Pittsburgh

One of America's most popular vehicles contains a security flaw that allows hackers to remotely commandeer it from anywhere on the planet. Cyber-security researchers Chris Valasek and Charlie Miller say they've accessed critical vehicle controls on a 2014 Jeep Cherokee that allowed them to remotely control critical vehicle functions like braking, transmission function, and steering. Automakers have downplayed the possibility a car could be remotely compromised, but the significance of the findings detailed Tuesday could cause them to reevaluate the threats posed to hundreds of thousands of vehicles already on the road. A key finding – the pair needed no physical access to the Jeep to pull off the attack. Valasek and Miller accessed the controls via a security hole in the Sprint cellular connection to Chrysler's UConnect infotainment system. In the course of their research, Valasek sat in his Pittsburgh home and remotely manipulated Miller's Jeep as he drove along a highway outside St. Louis. If you know a car's IP address, they say, a hacker could control it from anywhere. "We didn't add anything, didn't touch it," Valasek told Autoblog. "A customer could drive one of these things off a lot, and they'd have no clue it had these open attack surfaces." Remotely, he disabled brakes, turned the radio volume up, engaged windshield wipers and tampered with the transmission. Further, they could conduct surveillance on the Jeep, measuring its speed and tracking its whereabouts. They conducted the experiments over multiple breaches. They made their findings public on the same day the National Highway Traffic Safety Administration, the federal agency in charge of vehicle safety, released its latest report on the readiness of government and automakers to fend off these sorts of cyber attacks. Later today, two US Senators are expected to introduce legislation that would help consumers better understand the potential risks of car hacking. In the early stages of their research, Valasek and Miller found a security flaw in the car's wi-fi that allowed them to remotely manipulate controls from a range of about three feet. But in recent months, they found another vulnerability in the Sprint cellular connection in the UConnect system. That was a key breakthrough. "Lo and behold, we found we could communicate with this thing using cellular, and then more research, and 'Holy cow,' we're using the Sprint network to communicate with these vehicles," Valasek said.

Woman and child die after Jeep gets stuck in mud

A Florida woman and her baby died over the weekend when their Jeep sank into deep mud during an off-roading trip. Taylor Brown took his girlfriend Hallie Lewis and their infant son Bryson off-roading in his Jeep Cherokee on Saturday night. The Jeep became stuck in thick mud, according to WESH. Brown got out of the vehicle while Lewis and Bryson remained inside. Using a winch, Brown tried – unsuccessfully – to free the Jeep. The Cherokee was left running as he struggled to pull it out of the mud. When he returned to the Jeep to check on his son and girlfriend, he found them unresponsive. Taylor pulled the two out of the back window, but it was too late. Lewis was pronounced dead at a nearby hospital. The baby died shortly thereafter. Police are still investigating, but their deaths appear to be a tragic accident due to carbon monoxide poisoning. The tailpipe of the Jeep was either submerged or caked with mud, allowing the deadly gas to build up inside the vehicle. News Source: WESH Weird Car News Jeep tailpipe carbon monoxide

Aptly-named Hooligans motorcycle gang charged with stealing 150 Jeep Wranglers

Nine members of the Tijuana, Mexico-based Hooligans motorcycle gang are facing federal charges, accused of stealing 150 Jeep Wranglers in San Diego County, then moving them across the border, where they were sold or stripped for parts. "The joy ride is over for these Hooligans," said Deputy U.S. Attorney Mark Conover. "For many of us, our cars are our most valuable possessions," he said. "These arrests have put the brakes on an organization that has victimized neighborhoods in a different way, by stealing something very personal, something that has required a lot of sacrifice to purchase." Conover said the gang also stole dozens of motorcycles. The indictment alleges that the gang used old-fashioned shoe leather, a high-tech device, and a specific Chrysler dealership to pull off the thefts. San Diego County faced a rash of Wrangler thefts in 2014. Conover says most of the Jeeps were stolen in the middle of the night, and most were equipped with alarms, yet no alarm ever went off. Police were perplexed about that until they caught a break. On Sept. 26, 2014, a Jeep was stolen out of a driveway in Rancho Bernardo, where a security camera showed the thieves' method. Based on what they saw in the surveillance footage, officers sent Chrysler a list of 20 Jeeps that had been stolen and asked whether anyone had requested duplicate keys - and sure enough, a duplicate had been issued for all 20 - and all from the same dealership, in Cabo San Lucas, Mexico. The indictment alleges that the Hooligans would case a specific Jeep days ahead of stealing it, and would take down its vehicle identification number. Somehow they managed to obtain the secret key codes that would allow them to request a duplicate key for that particular Jeep. During the theft, the indictment says, the Hooligans would disable the alarms system, program the duplicate key using a handheld device, then simply drive away. The fact that Jeeps' engine bays can be easily accessed because of their external latches made the job even easier. (Authorities recommend Jeep owners purchase aftermarket locking latches.) Three of the gang members have been arrested. One was already in custody when two others were arrested this week, one of them at San Diego's massive San Ysidro border crossing. The six others facing charges are still at large and believed to be in Mexico. Seven are US citizens, while two are from Mexico. The collective value of the thefts is estimated at $4.5 million.