A popular brand of electric vehicle sold in Australia has a hidden backdoor allowing the manufacturer to listen into conversations, users have claimed.
After witnessing an explosive month showcasing the awful possibilities of technological warfare, the topic of electric vehicles and their potential to be hacked has once again been thrust into the global spotlight.
A driver who owns a BYD car, a Chinese brand of electric vehicle, has claimed that the software can listen to his conversations.
He explained that the car’s internal SIM could be dialed by an external party, allowing audio from inside the vehicle to be transmitted to the caller without the driver’s knowledge.
In the video, the owner dials the car’s SIM number, and while audio from inside the vehicle is transmitted to their phone, there’s no visible indication on the car’s touchscreen or digital display that a call is taking place.
Even more concerning is that there appears to be no way to terminate the call from the vehicle.
The only sign that a call was in progress was the audio muting, and the issue reportedly persists even when the car is turned off.
An article published by carexpert.com in January 2023 also highlighted the issue.
“I wasn’t able to hang up the covert call from the car, even by opening the phone app or pressing the pick-up/hangup button on the steering wheel,” the owner said.
“Even turning off cellular allowed a call to be taken, so there’s no way I can find that an Australian Atto 3 customer can have privacy in their own car if someone was spying on them.”
One user reported receiving multiple calls through the SIM, suggesting it had been recycled.
“I have had four different people somehow ring through to my car… first time I thought someone connected to my Bluetooth, but after the 4th I assumed they somehow are ringing my SIM number,” the user said, adding that both parties were confused during the calls.
BYD’s Australian distributor, EVDirect, responded quickly to the issue.
Managing director Luke Todd claimed they were working with Telstra, the SIM provider, to resolve the problem.
“There is no risk of exposure for people obtaining car owners’ details,” Todd said.
“We anticipate it being resolved within 48 hours. All data and SIM information is held by Telstra securely.”
Although eSIMs are becoming more common in modern vehicles, this appears to be an isolated issue with BYD in Australia. No other automaker has reported similar concerns where an external party could dial into a vehicle’s SIM to listen in on the cabin.
Despite the Atto 3 becoming Australia’s third best-selling EV, the brand has encountered a few bumps along the way.
BYD had to pause sales to resolve noncompliance with child seat anchor points and faced delays in securing a local five-star ANCAP safety rating.
Meanwhile, Senior Motoring Journalist Paul Gover told Sky News this week that the Australian government “don’t know” what Chinese-made electric vehicles are capable of doing.
BYD Australia has been contacted for comment.
But no amount of corporate fire-extinguishing can erase the scepticism that has been sowed, especially in the US, a nation which has seemingly been locked in decades-long race with China towards technological supremacy.
The privacy of American citizens appears to be of utmost importance, at least in cases when personal data is flowing to the “wrong” government.
The broader issue of potential backdoors into privately owned EV was revisited last week, as details of a US plan to ban Chinese-made EVs due to espionage and national security concerns hit the press.
Campaigners have renewed their push to outlaw Chinese EVs in particular, echoing similar campaigns against Chinese-owned social media platforms operating the country.
“Cars today have cameras, microphones, GPS tracking and other technologies connected to the internet. It doesn’t take much imagination to understand how a foreign adversary with access to this information could pose a serious risk to both our national security and the privacy of citizens,” Commerce Secretary Gina Raimondo said.
“In an extreme situation, foreign adversaries could shut down or take control of all their vehicles operating in the United States all at the same time.”
“We’ve already seen ample evidence that [China] pre-positioned malware in our critical infrastructure for disruption and sabotage,” US National Security Adviser Jake Sullivan added.
“And with potentially millions of vehicles on the road, each with 10- to 15-year life spans, the risks of disruption and sabotage increase dramatically.”
