Drivers warned over car ‘hacker loophole’ that would let crooks distract you, listen to your chats & track your location

MOTORISTS have been warned that hackers could hijack their car’s dashboard screen and blast out sounds to distract them.

Experts claim to have unearthed a number of vulnerabilities affecting Apple’s AirPlay and CarPlay systems.

CarPlay is available in more than car 800 models, including big brands like Audi, BMW, Ford and VW.

As well as taking over the dashboard screen, bad actors could track the vehicle’s location and listen in on chats too, according to researchers at Oligo.

They say it could be carried out by simply connecting to the car’s Wi-Fi hotspot.

And it’s particularly troublesome if you have a basic or default password.

Techies refer to this as a Remote Code Execution (RCE) attack, specifically dubbed “AirBorne”.

“If the device has a default, predictable or known wifi hotspot password, it is possible to gain access and then execute the RCE,” they warn.

Even for CarPlay devices that require a PIN there could be a risk, as a hacker could be close by to snoop on your screen for the code.

Apple is believed to have already patched the issue but it’s down to third party manufacturers to deploy the software updates, a security expert told Wired.

The tech giant hasn’t responded to The Sun’s request for comment.

In total, Oligo revealed 23 security loopholes.

Most of these concern AirPlay, the popular Apple feature that lets you cast content from products like an iPhone to your TV screen or other devices.

Two of the issues uncovered were identified as “wormable” meaning cyber crooks could take over an AirPlay device and then spread harmful malware throughout “any local network the infected device connects to” as long as they’re connected to the same Wi-Fi as you.

They could also get hold of your files and sensitive information.

“Apple and Oligo have worked together to thoroughly identify and address the vulnerabilities with the goal of protecting end-users,” Oligo said.

“Apple has released its latest versions of software to address the vulnerabilities and has allowed time for those devices to be updated.”

WORST PASSWORDS REVEALED

Tje National Cyber Security Centre (NCSC) has compiled 20 of the most common passwords around.

Common passwords mean they’re easy for cyber thieves to guess – so if you’re using one on your car you might want to change it right now.

• 123456
• 123456789
• qwerty
• password
• 1111111
• 12345678
• abc123
• 1234567
• password1
• 12345
• 1234567890
• 123123
• 000000
• Iloveyou
• 1234
• 1q2w3e4r5t
• Qwertyuiop
• 123
• Monkey
• Dragon

Names, favourite football teams, musicians and fictional characters are also very popular and therefore easy to guess.

The best sort of password is long and easy to remember – so the NCSC suggests using three random words strung together.

Of course, you shouldn’t recycle passwords on various platforms or devices either.

Should a hacker gain access to one they could then go onto access your other accounts.