Cars today are more than just machines—they’re rolling computers. And like all computers, they can be hacked. A newly revealed Bluetooth vulnerability, called PerfektBlue, affects vehicles from Mercedes-Benz, Volkswagen, Skoda, and possibly a fourth unnamed automaker. It opens the door to some serious risks, like remote hacking, GPS tracking, and even eavesdropping through connected devices.
The issue is tied to a software system called BlueSDK, used in infotainment and vehicle control systems. According to researchers at PCA CyberSecurity, attackers only need to be within 30 feet of a running car to launch a “one-click” attack. With it, they could install malware, track your location, or listen in through Bluetooth microphones.
Worryingly, the company that makes BlueSDK—OpenSynergy—knew about the issue in May 2024 and released a fix that September. But many car manufacturers still haven’t updated their systems, leaving millions of cars potentially exposed. And because most car software is kept private, it’s hard to tell which specific models are at risk.
So if your vehicle has Bluetooth and is from one of the affected brands, it’s worth checking for software updates—or contacting the manufacturer to ask if your model has received the fix.