Toyota Yaris Remote Hacking Defect Petition Denied by Feds | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Owner of 2019 Toyota Yaris alleges automaker should refund the cost of the Yaris.

February 23, 2024 —
The government has denied a petition to investigate alleged electronic remote hacking of a 2019 Toyota Yaris that allegedly caused electrical malfunctions in the vehicle.

In June 2023, Mr. Kimberlyn Hearns submitted a defect petition attributing electrical malfunctions of his 2019 Toyota Yaris to remote attacks by unknown parties targeting the Yaris CAN Bus.

The petitioner wanted help in receiving a full refund of the price of the 2019 Yaris, and Hearns also requested a formal hacking investigation by the National Highway Traffic Safety Administration.

The petitioner says when the Yaris had about 46,000 miles on it, the owner heard three beeps while driving at low speed followed by the engine shutting down. He finally got the Toyota Yaris restarted but a check engine light remained on. The dealer said the problem was a bad battery which was replaced.

But the petitioner said problems continued, including loss of engine power, warning lights and head unit malfunctions, causing the petitioner to take the Yaris to a different dealership. However, technicians couldn’t find anything wrong with the vehicle.

The petitioner said while he was in his house, the Yaris warning lights were flashing and the horn kept activating.

NHTSA contacted Toyota which responded with these facts:

  1. “This vehicle is not equipped with a cellular communication module; therefore, it is not capable of communicating with a cellular network.”
  2. “The multimedia system, which includes Bluetooth connectivity, operates on a local bus network dedicated to the multimedia system.”
  3. “This vehicle’s multimedia system is capable of connecting to a cellular phone to support hands-free features, such as hands-free calling and streaming audio from the phone.”
  4. “This vehicle does not have advanced connectivity features, such as Apple CarPlay or Android Auto.”

In deciding to deny the petition to investigate alleged hacking of the 2019 Toyota Yaris, federal safety regulators concluded the following.

  1. “Notwithstanding the conditions cited by the petitioner, the subject vehicle lacks the external cellular connectivity needed to make it vulnerable to remote cyberattacks.”
  2. “Bluetooth connectivity is limited to multimedia and hands-free communication.”
  3. “The Agency has uncovered no other evidence of related cyberattacks or similar symptoms in 2019 Toyota Yaris vehicles.”


Click Here For The Original Story From This Source.


National Cyber Security