Video: UBI Device Hacked, Car's Brakes Cut

Security researchers from the University of California at San Diego hacked into an onboard dongle used by insurance company Metromile, and videoed themselves using SMS messages to cut a car's brakes.

The researchers presented their findings at a data security conference today, releasing a video that shows them sending commands via SMS to a Corvette equipped with an OBD II device, according to a Wired report.

The device is manufactured by Mobile Devices, a French company, which counts usage-based insurer Metromile among its customers. In the video, researchers demonstrate that they can control the car's windshield wipers and brakes by exploiting the vulnerability.

Metromile CEO Dan Preston told Wired in an interview that the university researchers contacted his company earlier this year, and Mobile Devices provided the insurer with a patch that was sent to all active devices in June. Mobile Devices' product is also used for fleet telematics, and it was unclear if any other customers have been issued the patch.

In January, researchers at Digital Bond labs reported that Progressive's Snapshot device contained vulnerabilities that could allow access to auto controls, but did not demonstrate a takeover.