Double Tap at the Blackbox: Hacking a Car Remotely Twice with MiTM

Black Hat Asia 2025 · Day 2 · Briefings

This talk, "Double Tap at the Blackbox," by researchers from the 360 Vulnerability Research Institute, describes how they remotely compromised a connected vehicle twice using only man-in-the-middle (MiTM) techniques, without prior hardware access or detailed knowledge of the target system. The presentation walks through two distinct attack chains that leverage common software vulnerabilities and implementation flaws to gain deep control over vehicles of a popular Chinese automotive brand. "Double tap" refers to the two successive remote exploitations; "blackbox" refers to how little the researchers started with: no hardware, no firmware, just a rented car and the companion app from an app store. The research is significant for demonstrating that high-impact automotive vulnerabilities can be found and exploited at relatively low cost, challenging the perception that car hacking requires highly specialised hardware and deep insider knowledge. It highlights serious security shortcomings in both application update mechanisms and secure communication protocols within the automotive industry.

AI review

This 'Double Tap at the Blackbox' talk isn't some vendor's AI-powered fantasy; it's a cold, hard demonstration of how to remotely pwn a connected car, twice, with zero prior hardware access and minimal resources. The researchers from 360 Vulnerability Research Institute meticulously chained unencrypted app updates, a laughably simple factory mode bypass, and ancient kernel exploits (Dirty Cow, CVE-2015-1805) to achieve root. Then, for an encore, they exposed a fundamentally broken HTTPS certificate validation that allowed a second, independent MiTM for full car control. This isn't just…
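The two weaknesses named above, an update channel that a MiTM can tamper with and a TLS client that does not validate the server's certificate, are easy to model in code. The following is an added example, not code from the talk or from 360 Vulnerability Research Institute: the page gives no details of the real update format or of the exact certificate-validation flaw, so the manifest layout, URLs, packages and signing key are all constructed. An HMAC with a baked-in key stands in for an asymmetric update signature so the file is self-contained (a shipped app would verify an Ed25519/RSA signature with a public key, since a symmetric key inside the app can be extracted), and `tls_context(strict=False)` shows one common way validation ends up disabled rather than the specific bug in the talk.

```python
"""Simulated MiTM against a companion app's update channel, plus a check on
the client's TLS settings. Constructed example; nothing here is vendor code."""
import hashlib
import hmac
import json
import ssl
from typing import Optional

# Constructed data: key, packages and URLs are placeholders, not real ones.
SIGNING_KEY = b"constructed-vendor-key-not-a-real-secret"
GENUINE_PKG = b"genuine companion app v2.0"
MALICIOUS_PKG = b"backdoored companion app v2.0"
VENDOR_URL = "http://updates.vendor.example/app-2.0.apk"
ATTACKER_URL = "http://updates.attacker.example/app-2.0.apk"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(manifest: dict) -> bytes:
    """Deterministic serialisation so signer and verifier MAC identical bytes."""
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()


def sign_manifest(manifest: dict) -> dict:
    tag = hmac.new(SIGNING_KEY, canonical(manifest), hashlib.sha256).hexdigest()
    return {"manifest": manifest, "sig": tag}


def verify_manifest(envelope: dict) -> bool:
    expected = hmac.new(SIGNING_KEY, canonical(envelope["manifest"]),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, envelope.get("sig", ""))


def update_server_response() -> dict:
    """What the vendor's server sends: a signed manifest for the genuine package."""
    return sign_manifest({"version": "2.0", "url": VENDOR_URL,
                          "sha256": sha256_hex(GENUINE_PKG)})


class Channel:
    """Network between app and server. mode: None (clean), "manifest" (the
    attacker rewrites the plaintext manifest to point at their package) or
    "package" (manifest untouched, the package body is swapped in transit)."""

    def __init__(self, mode: Optional[str] = None):
        self.mode = mode
        self.packages = {VENDOR_URL: GENUINE_PKG, ATTACKER_URL: MALICIOUS_PKG}

    def fetch_manifest(self) -> dict:
        envelope = update_server_response()
        if self.mode != "manifest":
            return envelope
        tampered = dict(envelope["manifest"])
        tampered["url"] = ATTACKER_URL
        tampered["sha256"] = sha256_hex(MALICIOUS_PKG)
        # Plaintext is freely editable, but the MAC cannot be recomputed
        # without the key, so the old tag is replayed over the new contents.
        return {"manifest": tampered, "sig": envelope["sig"]}

    def fetch_package(self, url: str) -> bytes:
        if self.mode == "package":
            return MALICIOUS_PKG
        return self.packages[url]


def vulnerable_client(channel: Channel) -> bytes:
    """Installs whatever the manifest names: no authenticity, no digest check."""
    manifest = channel.fetch_manifest()["manifest"]
    return channel.fetch_package(manifest["url"])


def hardened_client(channel: Channel) -> Optional[bytes]:
    """Returns the package to install, or None if the update must be refused."""
    envelope = channel.fetch_manifest()
    if not verify_manifest(envelope):
        return None  # manifest altered in transit
    manifest = envelope["manifest"]
    package = channel.fetch_package(manifest["url"])
    if not hmac.compare_digest(sha256_hex(package), manifest["sha256"]):
        return None  # body substituted after the manifest was authenticated
    return package


def tls_context(strict: bool = True) -> ssl.SSLContext:
    """Client TLS settings. strict=False reproduces one common way certificate
    validation ends up broken (disabled outright); whether that is the exact
    flaw in the talk is not stated on this page."""
    ctx = ssl.create_default_context()   # CERT_REQUIRED and hostname check on
    if not strict:
        ctx.check_hostname = False       # must precede CERT_NONE or ssl raises
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def context_resists_mitm(ctx: ssl.SSLContext) -> bool:
    """True if the client will reject a MiTM's forged server certificate."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


if __name__ == "__main__":
    for mode in (None, "manifest", "package"):
        print(mode, vulnerable_client(Channel(mode)), hardened_client(Channel(mode)))
```

Run it and the vulnerable client installs the backdoored package under both MiTM modes, while the hardened client refuses both: the rewritten manifest fails authentication, and the swapped package body fails the digest pinned inside the authenticated manifest. Note that the digest check alone would not help against the first mode, since the attacker rewrites the digest along with the URL; the two checks only work together.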
