Nissan Deactivates EV App For Security Improvements
If you drive a Nissan LEAF or an eNV200, you might have used the automaker’s NissanConnect EV app to check on your vehicle. The app allows owners to check on their vehicle’s battery charge, heat up or cool down the cabin, and monitor other aspects of their vehicle. Nissan has decided to disable the app and beef up its security measures after a weakness was discovered by a security researcher.
Troy Hunt, a researcher in Australia, realized that it would be fairly simple to imitate the signals from the app and access information about the vehicle. With a VIN number and the code from the app, Hunt was able to access data from the targeted Nissan LEAF. The hack was limited to the functions of the app itself, so this is nothing like when hackers were able to drive a Jeep Cherokee into a ditch.
If someone were to exploit the security flaw in the app, the most control they would be able to exert over the vehicle would be turning on the air conditioning and heater (which could run down the EV’s battery). The hackers could also gather location information from the vehicle to notice a driver’s patterns and figure out where they work or live.
Nissan is committed to fixing this security flaw, which is why they have disabled the app while they work on the solution. Besides the location data, no other personal information was available to any potential hackers.
News Source: SlashGear