Abstract
Ransom attacks have attracted widespread attention from researchers, however, there have been relatively few researches on vehicles, especially for electric vehicles (EVs). Such attacks mainly accomplish their purpose by exploiting vulnerabilities of vehicle itself, but often have a narrow attack surface. In this demo with real EVs and public charging piles, we show a new approach, the Charging Pile Ransom Attack (CPRA), that can remotely ransom EVs through the charging connector between EVs and charging piles. Additionally, we design a physical plugin for charging connectors that can extend the EV models affected by the described ransom attack. In this case, the CPRA needs a preparing step to locally install the plugin on the connector.
Overview
In this demo with real EVs and public charging piles, we show a new approach, the Charging Pile Ransom Attack (CPRA), that can remotely ransom EVs through the charging connector between EVs and charging piles.
I presented the demo to the audience. Just one vote less than the runner. Remember to vote ASAP next time.
Xiang Li
Ph.D. Candidate in Cyberspace Security (Tsinghua University)
Xiang Li is a 5th-year Ph.D. candidate at the Institute of Network Science and Cyberspace, Tsinghua University, advised by Professors Qi Li and Haixin Duan. His research interests include network security, protocol security, IPv6 security, DNS security, Internet measurement, network & protocol fuzzing, network vulnerability discovery & attack, and underground economy with 12 research papers. As the first author, he has published many research papers at all top-tier security conferences, including Oakland S&P, USENIX Security, CCS, NDSS, and Black Hat. He has obtained over 180 CVE/CNVD vulnerability numbers, more than $11,600 rewards, multiple CERT reports, 60+ news coverage, and RFC acknowledgement. He got multiple prizes, such as 1st prize of IPv6 Technology Application Innovation Competition, Tsinghua Outstanding Scholarship, and LongFor Excellent Scholarship.