• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

Egg companies made $1.22 billion in profit off a $6 carton — now they’re buying their way out of a price-fixing case with 53 million donated eggs

2

Meet the Zillennials: The luckiest micro-generation in the workforce, born between 1993 and 1998

3

Economists have found an answer to slowing cognitive decline: Avoid retiring early, study finds

1

Egg companies made $1.22 billion in profit off a $6 carton — now they’re buying their way out of a price-fixing case with 53 million donated eggs

2

Meet the Zillennials: The luckiest micro-generation in the workforce, born between 1993 and 1998

3

Economists have found an answer to slowing cognitive decline: Avoid retiring early, study finds
TechMitsubishi

Friendly Hackers Exploit Loophole to Disable Alarm on Mitsubishi Outlander

By
Kirsten Korosec
Kirsten Korosec
Down Arrow Button Icon
By
Kirsten Korosec
Kirsten Korosec
Down Arrow Button Icon
June 7, 2016, 2:36 PM ET
2017 Mitsubishi Outlander PHEV
2017 Mitsubishi Outlander PHEVMitsubishi Wieck
Add Fortune on Google for similar content.

A U.K. security firm hacked into a Mitsubishi Outlander plug-in hybrid electric vehicle after finding a vulnerability that let the researchers take control of the car’s functions and even turn off the alarm system.

The Pen Test Partners security firm was able to exploit a loophole in a mobile app that lets drivers communicate with their vehicles through their smartphones, highlighting how vulnerable cars equipped with Wi-Fi Internet connection can be to hackers.

Ken Munro, a security expert at Pen Test Partners who led the investigation, bought the plug-in electric hybrid after noticing a mobile app designed to give owners of the Outlander access to certain functions of the car used an unusual method to wirelessly connect to the SUV. The 2017 Mitsubishi Outlander PHEV made its U.S. debut in March at the 2016 New York International Auto Show and is expected to go on sale in the U.S. later this year.

Pen Test Partners said it had been mostly ignored Mitsubishi after it had contacted the Japanese automaker about the vulnerability. In response, the security company made its discovery public this week.

Since then, Pen Test Partners said Mitsubishi has been responsive and is now “taking the issue very seriously at the highest levels.”

 

 

As Munro explains in a blog post and video, most car apps that let users remotely locate and unlock cars connect through a web-based service that uses GSM, the communication channel used in mobile phones. But instead, the Outlander PHEV uses a Wi-Fi access point inside the vehicle to connect with a smartphone.

Users must disconnect from all other Wi-Fi networks and connect to this specific access point to gain control of the car functions. Security loophole aside, this system isn’t ideal because drivers can only communicate with their car when within Wi-Fi range.

Get Data Sheet, Fortune’s daily newsletter about technology.

Researchers also found that GSM was less secure that what other automakers use. For example, the car’s Wi-Fi passcode is written on a piece of paper in the owner’s manual, the firm said in a blog post, noting the format is too simple and short. The company said it was able to hack into the car in less than four days in addition to finding where the car is located, described in the video below.

[youtube https://www.youtube.com/watch?v=NSioTiaX_-Q]

From there, the security experts quickly figured out how to turn the SUV’s lights on and off, disrupt charging of the electric battery, adjust the air conditioning and heating, and disable the car alarm.

Pen Test Partners says users should disable the app and disconnect it from the car owner’s smartphone. The company also says Mitsubishi should immediately upgrade the software and use the more secure GSM module to connect to the car app.

The Mitsubishi hack is the latest in a string of security vulnerabilities found by researchers in cars. Hackers have multiple ways to gain access remotely, as demonstrated last year by two security experts who took control of a Jeep Cherokee from miles away by exploiting the car’s software. In March, the FBI and U.S. National Highway Traffic Safety Administration issued a bulletin warning that motor vehicles are “increasingly vulnerable” to hacking.

About the Author
By Kirsten Korosec
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

Chad Hurley and Steven Chen wearing suits
SuccessWealth
YouTube’s founders split over $650 million when they sold to Google in 2006—had they held out, they could have taken a slice of $550 billion
By Preston ForeJuly 3, 2026
6 hours ago
ds
CommentarySoftware
I argued with the father of open source for 2 years. Now the AI fight is the same — only bigger
By David SiegelJuly 3, 2026
8 hours ago
ashok
Commentary250 Years of Innovation
The greatest startup in history: What we can learn from America’s founders at today’s AI frontier
By Ashok N. SrivastavaJuly 3, 2026
8 hours ago
2
Commentary250 Years of Innovation
America’s secret weapon isn’t just innovation — It’s the freedom to fail
By Keith KrachJuly 3, 2026
10 hours ago
A $75 billion valuation, 75 million global customers and on its way to America—Revolut is London’s disruptor extraordinaire
EuropeLetter from London
A $75 billion valuation, 75 million global customers and on its way to America—Revolut is London’s disruptor extraordinaire
By Kamal AhmedJuly 3, 2026
10 hours ago
Man in a black hat and jacket
InvestingSpace Exploration
Elon Musk can’t sell a single SpaceX share for a year—and then all the locks crack open at once
By Amanda GerutJuly 3, 2026
10 hours ago

Most Popular

Egg companies made $1.22 billion in profit off a $6 carton — now they’re buying their way out of a price-fixing case with 53 million donated eggs
Law
Egg companies made $1.22 billion in profit off a $6 carton — now they’re buying their way out of a price-fixing case with 53 million donated eggs
By Wyatte Grantham-Philips and The Associated PressJuly 2, 2026
1 day ago
Meet the Zillennials: The luckiest micro-generation in the workforce, born between 1993 and 1998
AI
Meet the Zillennials: The luckiest micro-generation in the workforce, born between 1993 and 1998
By Nick LichtenbergJuly 3, 2026
13 hours ago
Economists have found an answer to slowing cognitive decline: Avoid retiring early, study finds
Economy
Economists have found an answer to slowing cognitive decline: Avoid retiring early, study finds
By Sasha RogelbergJuly 2, 2026
1 day ago
On Wall Street, analysts increasingly don’t believe the U.S. government’s 'misleading' job numbers
Economy
On Wall Street, analysts increasingly don’t believe the U.S. government’s 'misleading' job numbers
By Jim EdwardsJuly 3, 2026
9 hours ago
Mark Zuckerberg feeds his cows macadamia nuts and beer to create the 'highest-quality beef in the world' on his $300 million estate in Hawaii
Success
Mark Zuckerberg feeds his cows macadamia nuts and beer to create the 'highest-quality beef in the world' on his $300 million estate in Hawaii
By Sasha RogelbergJuly 2, 2026
1 day ago
Current price of oil as of July 2, 2026
Personal Finance
Current price of oil as of July 2, 2026
By Joseph HostetlerJuly 2, 2026
1 day ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.