Top
Home / Cyber Security
Cyber Security

Dashcams and the road to exploitation

By

In Singapore, where digital integration meets urban precision, dash cameras are now part of everyday life. Installed in over 80% of vehicles, these devices were designed to support insurance claims and promote driver accountability. But a new wave of cybersecurity research suggests that dashcams are evolving into something far more pervasive — and potentially dangerous.

At Black Hat Asia 2025, a team of cybersecurity researchers revealed how in-car dashcams can become high-risk attack vectors. The talk, titled “DriveThru Hacking”, highlighted not just technical vulnerabilities but also the cascading consequences they pose — from privacy breaches to remote exploitation of vehicle networks.

The Team Behind the Findings

The research was led by experts from a global tech company:

Benjamin Cao – Incident Response Lead

George Chen – Head of CloudSec and AppSec

Chee Peng Tan – Lead Cybersecurity Analyst

Penelope Chua – Cybersecurity Analyst

Alina Tan – Co-founder, HE&T Security Labs

Ri-Sheng Tan – Incident Response Lead

Their collaborative work dissected over two dozen popular dashcam models, blending hardware disassembly, network reconnaissance, firmware manipulation, and AI-based data profiling.

From passive recorder to active threat

Using ethical hacking techniques and tools like Flipper Zero and the Moroder module, the team collected over 1,000 dash cam SSIDs across Singapore. Brands like iRoad (48.6%), 70My (9.5%), and iDrive (6.7%) dominated the market. Yet under the hood, many of these devices shared hardware, firmware, and vulnerabilities — often stemming from OEM manufacturers like G-Net (Korea) or Dongguan Electronics (China).

More troublingly, the team demonstrated two distinct exploitation paths:

Scenario 1: Full-System Compromise

Gaining root access via the infotainment system

Uploading modified firmware to the dashcam

Reconfiguring the Controller Area Network (CAN) gateway

Issuing arbitrary CAN commands to the Electronic Control Unit (ECU) — the car’s digital brain

Scenario 2: Man-in-the-Middle via Wi-Fi

Exploiting insecure Wi-Fi pairing between mobile devices and dashcams

Bypassing certificate-based security

Streaming and exfiltrating video/audio feeds from the cloud

Reconstructing personal profiles, raising concerns about espionage and identity theft

dashcams
Dashcams Black Hat Asia 2025

The tools of the trade — and the ethical line

The researchers coined the term “DriveThru Hacking” to describe the automation of Wi-Fi discovery, hacking, data exfiltration, and even LLM-based summarization of captured footage. To validate findings ethically, they organized a controlled audit involving 40 participants, including friends and family, two of whom submitted real recordings to train AI detection systems.

Their final dashboard visualized the risk landscape — from SSID exposure to lateral movement potential — while a comic-style AI illustration was created to distill the complex research into digestible visual narratives.

Industry Blind Spots and the Need for Change

Despite their wide adoption, dashcams operate with minimal regulatory oversight. Manufacturers rarely push security updates, and many allow open cloud streaming with no user verification. The team emphasized that basic encryption, secure pairing, and network segmentation should be required in all connected automotive devices.

A final word: Steering toward transparency

What began as a tool for safer roads has, ironically, opened a path to systemic vulnerability. The research shared at Black Hat Asia 2025 isn’t just a technical showcase — it’s a warning: as our cars become smarter, so too must our defences.

Whether for a daily commuter or a high-profile executive, the message is clear — security must be baked in, not bolted on.

Tags:
0

The 4iMag Team is a collective byline representing the collaborative work of journalists, researchers, academics, and field experts who contribute to 4i Magazine’s exploration of innovation, intelligence, information, and insight. Each article published under the 4iMag Team is a result of interdisciplinary collaboration—blending in-depth journalistic investigation with the expertise of leading lecturers, professionals, and specialists from around the world. By fusing front line reporting with expert perspectives, especially on breakthroughs in fields like artificial intelligence, cybersecurity, space technology, and emerging scientific paradigms, the 4iMag Team produces timely, well-researched content that is both accurate and rich in thought leadership.

RELATED POSTS

Cyber Security

At Black Hat Asia 2025, in a session packed with hardware hackers, cryptographers, and security researchers, Karim — a hardware security expert from Ledger — stepped onto the stage with a quiet warning: the most dangerous hacks don’t come through

News, Tech

Nissan Leaf - PCAutomotive, a leading provider of penetration testing, threat intelligence, and cybersecurity monitoring, unveil critical vulnerabilities in the Nissan Leaf’s connected systems at Black Hat Asia 2025 in Singapore. Remote Exploitation of a Modern Vehicle As automotive technology advances, modern

News, Tech

Black Hat, the cybersecurity industry’s most established and in-depth security event series, today announced Edward Chen, the Deputy Chief Executive of the Cyber Security Agency of Singapore; and Bunnie Huang, the founder of Bunnie Studios, as Keynote speakers for Black

4i magazine was founded with the vision of enabling our readers to make sense of the modern world. Our mission is to provide our audience with the most important, cutting-edge tech news and insights. Today's media landscape features too much information and not enough knowledge. Our coverage aims to fix that, by focusing the spotlight on developing trends, up-and-coming talents, and news that's worth your attention.

info@4imag.com
jobs@4imag.com

© Copyright 4i Mag 2022 All Rights Reserved