Nissan has mobile app forAppleandAndroiddevices for Nissan Leaf owners.
All Nissan Leafs share a VIN prefix of SJNFAAZE0U60 with the last 5 characters unique for each.
Hunt says that to dive into the APIs the hacker just needs to know the full VIN.
This code is usually stencilled into a cars windscreen, making it relatively easy to copy.
To conduct the attack, the hacker need not even use the App, says Hunt.
The commands could be sent via a web web app to conduct the hack.
Those who have never signed up are not at risk.
source: www.techworm.net
