Radio Data System (RDS) Attacks

RDS Attacks involves tricking victims into installing a benign-looking app that uses the RDS interface. Initially, this app exhibits no malicious behavior. Post-installation, the app dynamically downloads a backdoor, reassembling RDS packets to execute the payload. The exploit remains undetected as antiviruses can't scan runtime downloads. The attack bypasses Android's security checks of the vehicles infotainment system, exploiting vulnerabilities in the FM Radio API.

Technique_ID
ATE-012
Severity of Impact
High
Severity of Feasibility
Medium
Scalability
Moderatly
Domain
Automotive
Rail