DriveThru Car Hacking: Fast Food, Faster Data Breach
Black Hat Asia 2025 · Day 2 · Briefings
This talk, presented by Alina and George from Heat Security Labs, introduces a novel and concerning attack vector: **drive-thru car hacking** targeting ubiquitous dash cameras. The research highlights significant, yet often overlooked, security vulnerabilities in these devices, demonstrating how they can be easily weaponized to extract highly sensitive personal data. The speakers, alongside their team (Cheping, Penny, Rush, and Ben), delve into the technical intricacies of compromising dash cams, from bypassing authentication mechanisms to exfiltrating video and audio recordings, and even sabotaging vehicle configurations.
AI review
This research by Heat Security Labs is a brutal, much-needed reality check on the security posture of ubiquitous dash cameras. They've systematically exposed a critical, overlooked attack surface, demonstrating a novel "drive-thru hacking" methodology to compromise devices at scale, exfiltrate highly sensitive data, and even sabotage vehicle functions. This isn't theoretical nonsense; it's a meticulously researched, live-demoed attack chain that should make every dash cam manufacturer and user sweat.