Attackers employ wide-range wireless communication methods, like cellular networks, to establish a widespread C2 channel, facilitating remote vehicle manipulation from significant distances.
Attackers utilizing mid-range wireless technologies, like WiFi, to set up a C2 channel, allowing for control within a localized area.
Attackers uses short-range wireless protocols, such as Bluetooth or NFC, to establish a command link to the vehicle, typically requiring proximity.
Attackers leveraging the SMS service to establish a C2 channel, enabling remote manipulation of vehicle systems.
Attackers can record video to gather information about the driver, passengers and the environment.
Attackers can take screen captures to gather information about the target device. This can include information such as applications running in the foreground, user data, login credentials, or other sensitive information.
Attackers can record audio data in the vehicle to obtain user conversations, phone calls or other sensitive information.
An attacker can use UDS and GMLAN protocols to gain sensitive information about the ECU.
Attackers exploit vulnerabilities to move between segregated networks within a vehicle, potentially gaining access to more sensitive or critical systems. For instance, bridging from an infotainment system to a car's braking system or accessing a train's control network from a passenger WiFi system.
Refers to the exploitation of an ECU to navigate or spread malicious activities across interconnected systems within a vehicle, potentially compromising multiple functionalities or subsystems. Leveraging vulnerabilities in one ECU can provide attackers with pathways to move laterally, targeting other ECU and escalating their influence over the vehicle's operations.