Chrysler is being criticized lately for sending a million USB drives to customers in the U.S. through post. Amid hackers revealing vulnerabilities associated with Jeep Cherokee in 2014 just over a month back, Chrysler mailing USB drives has added fuel to the fire.
People are being warned by security professionals not to try USB drives sent over to them by mail. The pros say that the USB drives obtained by mail are similar to those that are handed over to a person by a stranger or ones that are taken from a company’s parking lot, according to Wired.
The officials keep passing alerts on such USB drives because they fear those can play a role in a mass malware mailing campaign. USB drives mailed out by Chrysler may as well pave way for hacking as the drives could be spoofed and tricked into installing malwares in trucks and cars.
Mark Trumpbour, an organizer of the New York hacker conference Summercon, said that “An auto manufacturer is basically conditioning customers into plugging things into their vehicles. This could have the potential to backfire at some point in the future.”
Meanwhile, Chrysler spokesmen told Wired that the USB drives are dispatched in “Read Only” format and that wouldn’t pave way for exploitation. He also added, “Consumer safety and security is our highest priority. We are committed to improving from this experience and working with the industry and with suppliers to develop best practices to address these risks.”