UConnect, more botnets, and poor OTA updating practices

There have been some recent negative press on updating connected devices, including the OTA update that Fiat Chrysler sent out that causes endless reboots to their UConnect system. Another story that is gaining attention is the infection of tens of thousands of Dasan routers by the Satori malware, which is based on Mirai. Mirai is best known for infecting a large number of connected devices which targeted DNS provider Dyn and brought down large portions of the Internet in October 2016. We wrote an article about the IoT Botnet Wars and some basic security hardening strategies not to be overlooked.

The Fiat Chrysler OTA update is causing certain UConnect systems from 2017 and 2018 to continually reboot the infotainment system with the screen restarting every minute. Unfortunately, it is not just isolated to the SiriusXM radio as the system is also responsible for climate settings, seat heater, and accessing the backup camera. UConnect has given an update that they will disable SiriusXM’s Travel Link services for a temporary fix.

While UConnect has isolated the problem, it is concerning that a major manufacturer did not use commonly accepted best practices for OTA updates. Clearly, there was no rollback. And rather than a phased rollout, the update was deployed all at once - a very risky approach. Another issue was the updates were released on a Friday, not an ideal day if you want to make sure there are resources available to quickly address any issues that may arise. Fiat Chrysler were not able to respond to this issue until Monday.

The Satori botnet that is building primarily off of the routers by Dasan Networks is another troubling story. The router company has maintained radio silence when queried about the exploit. It has been revealed that Satori, which means sudden enlightenment, is exploiting firmware bugs that are left unpatched. Unfortunately, it appears that the malware itself is receiving more updates than the target device.

Recent articles

Enhancing Sustainability in Oil & Gas: Tackling Methane Emissions with Cutting-Edge Solutions

Enhancing Sustainability in Oil & Gas: Tackling Methane Emissions with Cutting-Edge Solutions

The oil and gas industry faces a crucial environmental challenge in pursuit of a greener and more sustainable future: reducing methane emissions.
CVE-2024-37019 - Account takeover using SAML

CVE-2024-37019 - Account takeover using SAML

CVE-2024-37019 is an account-takeover vulnerability in Mender Enterprise which was fixed in versions 3.6.4 and 3.7.4.
The top challenge for autonomous vehicles: What does adding AI to cars mean for OEMs?

The top challenge for autonomous vehicles: What does adding AI to cars mean for OEMs?

The critical question for the automotive industry is: how can you shorten the time to market and innovate faster in software and AVs to meet more demanding customer requirements?
View more articles

Learn more about Mender

Explore our Resource Center to discover more about how Mender empowers both you and your customers with secure and reliable over-the-air updates for IoT devices.

 
sales-pipeline_295756365