Bring Your Own Car (BYOC) Attack Demonstrated
Summary
Researchers demonstrated a proof-of-concept (PoC) attack chain that started in a parked car and ended in corporate Linux servers and ESXi hypervisors. The attack exploited the connection between a driver's phone and the car's Bluetooth system, using it as an initial access vector into the corporate network. The attack was demonstrated at BSides NYC on October 18, 2025, by Threatlight CTO Tim Shipp. The attack required only a few cheap gadgets and exploited a brief window when the driver connected their phone to the car's head unit. The attacker used a Flipper Zero hacking multitool to spoof the car's Bluetooth signal and establish a connection to the phone. From there, the attacker gained access to the corporate network when the phone connected to it. The attack highlights the risks associated with bring-your-own-device (BYOD) policies and the need for comprehensive security measures that cover all potential entry points.
Timeline
- 20.10.2025 23:38 · 1 article
BYOC Attack Demonstrated at BSides NYC
On October 18, 2025, Threatlight CTO Tim Shipp demonstrated a proof-of-concept (PoC) attack chain that began in a parked car and ended in corporate Linux servers and ESXi hypervisors. The attack exploited the connection between a driver's phone and the car's Bluetooth system, using it as an initial access vector into the corporate network. The attack required only a few cheap gadgets and highlighted the risks associated with bring-your-own-device (BYOD) policies and the need for comprehensive security measures.
Sources:
- Is Your Car a BYOD Risk? Researchers Demonstrate How — www.darkreading.com — 20.10.2025 23:38
Information Snippets
- The attack began in a parked car and targeted the driver's phone connected to the car's Bluetooth system.
  First reported: 20.10.2025 23:38 (1 source, 1 article). Sources:
- Is Your Car a BYOD Risk? Researchers Demonstrate How — www.darkreading.com — 20.10.2025 23:38
- The attacker used a Flipper Zero hacking multitool to spoof the car's Bluetooth signal and establish a connection to the phone.
  First reported: 20.10.2025 23:38 (1 source, 1 article). Sources:
- Is Your Car a BYOD Risk? Researchers Demonstrate How — www.darkreading.com — 20.10.2025 23:38
- The attacker exploited a brief window when the driver connected their phone to the car's head unit.
  First reported: 20.10.2025 23:38 (1 source, 1 article). Sources:
- Is Your Car a BYOD Risk? Researchers Demonstrate How — www.darkreading.com — 20.10.2025 23:38
- The attack demonstrated the risks associated with bring-your-own-device (BYOD) policies and the need for comprehensive security measures.
  First reported: 20.10.2025 23:38 (1 source, 1 article). Sources:
- Is Your Car a BYOD Risk? Researchers Demonstrate How — www.darkreading.com — 20.10.2025 23:38
- The attack required only a few cheap gadgets, including cardputers and NRF24 transceiver modules.
  First reported: 20.10.2025 23:38 (1 source, 1 article). Sources:
- Is Your Car a BYOD Risk? Researchers Demonstrate How — www.darkreading.com — 20.10.2025 23:38
- The attacker used a prearranged series of malicious commands to transmit an Android Package (APK) file, establishing an initial Metasploit shell.
  First reported: 20.10.2025 23:38 (1 source, 1 article). Sources:
- Is Your Car a BYOD Risk? Researchers Demonstrate How — www.darkreading.com — 20.10.2025 23:38
- The attacker exploited the Android Debug Bridge over the air to solidify their foothold on the phone.
  First reported: 20.10.2025 23:38 (1 source, 1 article). Sources:
- Is Your Car a BYOD Risk? Researchers Demonstrate How — www.darkreading.com — 20.10.2025 23:38
- The attack demonstrated the need for mobile device management (MDM) strategies and network segmentation.
  First reported: 20.10.2025 23:38 (1 source, 1 article). Sources:
- Is Your Car a BYOD Risk? Researchers Demonstrate How — www.darkreading.com — 20.10.2025 23:38