Nissan Shuts Down Leaf Mobile App Following Security Hack

Published by Mike on

Earlier this week, Nissan deactivated the NissanConnect EV app for its Leaf electric car. The automaker made the move after a computer researcher exposed a security issue that allowed hackers to view information and control features on others’ Nissan Leaf EVs.

Researcher Troy Hunt reportedly discovered the flaw last month before publishing his findings on his blog Wednesday. According to Hunt, a flaw allows hackers to use the app to control the Leaf’s climate control system simply by obtaining the vehicle’s Vehicle Identification Number (VIN). The security flaw also provides access to the vehicle battery’s state of charge.

2016 Nissan Leaf EV center stack screen2016 Nissan Leaf EV center stack screen

Hunt emphasizes that the flaw doesn’t affect other vehicle systems or how the vehicle drives. Still, he is critical of Nissan for allowing this breach to happen in the first place and its slow response to the issue. Hunt claims he informed Nissan on January 23, well over a month before Nissan finally deactivated the mobile app on February 25.

“I would have preferred the see faster action from Nissan,” Hunt wrote on his blog. “In my view, this is the sort of flaw that needs to have the service pulled until it can be fixed properly and restored.”

We reached out to Nissan and received an emailed statement. “The NissanConnect EV app (formerly called CarWings and is used for the Nissan Leaf and eNV200) is currently unavailable,” Nissan said in the statement. “We apologize for the disappointment caused to our Nissan Leaf and eNV200 customers who have enjoyed the benefits of our mobile apps. However, the quality and seamless operation of our products is paramount. We’re looking forward to launching updated versions of our apps very soon.”

A Nissan spokesperson said the automaker doesn’t have an exact date on when the updated app will launch.

While this hack isn’t as dramatic as the one that took full control of a Jeep Cherokee, it should serve as a cautionary tale for all automakers who are rolling out more app-based features. Volvo, for example, announced it will offer smartphone app keys by 2017, while a number of automakers already allow owners to control a number of vehicle functions via a personal mobile device.

Source: USA Today, Troy Hunt

2016 Nissan Leaf EV side profile
2016 Nissan Leaf EV Zero Emission badge
2016 Nissan Leaf EV rear three quarter charging station
2016 Nissan Leaf EV rear three quarter charging station 02
2016 Nissan Leaf EV plug in port
2016 Nissan Leaf EV rear badge
2016 Nissan Leaf EV front three quarter
2016 Nissan Leaf EV front end
2016 Nissan Leaf EV front interior seats
2016 Nissan Leaf EV charge
2016 Nissan Leaf EV drive modes
2016 Nissan Leaf EV front wheels

The post Nissan Shuts Down Leaf Mobile App Following Security Hack appeared first on Motor Trend.

Categories: Recommend

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Posts

Recommend

Sherp ATV | Autoblog Minute

Filed under: Videos,Autoblog Minute,Original Video The Russian made Sherp ATV is an all-terrain vehicle that can even “drive” on water. It has an aluminum body with tubeless low-pressure tires that easily climb obstacles. The Sherp Read more

Recommend

GME Performance Tunes Euro-Spec Ford Mustang GT to 705 HP

GME Performance modified this 2017 Ford Mustang GT to get much more power from its 5.0-liter V-8 motor and gave the body a blacked-out color-scheme to let other drivers on the road know that it Read more

Recommend

Panoz’ New GT-EV Prototype is an All-Electric Le Mans Hopeful

Panoz has unveiled a full electric prototype racer that it hopes to field in the 2018 24 Hours of Le Mans. Officially called the Green4U Panoz Racing GT-EV, the prototype has an expected battery range Read more