Hackers creeping into digital music files

CHARLOTTE, NC (WBTV) - There is nothing like a nice sunny day driving around town in your car, listening to your favorite music.  Did you know that depending upon how you get your music, you might make both your home computer and your car vulnerable to hackers?

We have warned you before about being careful what you download to your computer.  We have even warned you before that cyberhackers might be able to take over your car's Bluetooth.  Just when you think you have heard it all, now savvy hackers can hack into your car a different way, through your favorite tunes.  WBTV's Cyber Expert Theresa Payton explains how they do it and how to avoid the car hack hijack.


Researchers were able to add an extra code to a digital music file.

They burned the music file, with the extra code, to a CD.

The CD was played in the car.  By playing the music, it gave them access to alter the car's stereo system to receive instructions.

From the altered system, they could communicate with other car components such as unlocking your doors or killing the engine.

NOTE:  This method can also be used to infect your home computer so always make sure you only download music from legitimate music sharing sites.


  1. Talk to your kids to make sure they understand to only download songs from legitimate sites.
  2. Only download songs from legitimate sites such as iTunes.com or Amazon.com
  3. If you suspect you might have an infected song, delete the song from all of your devices and throw away all the CDs that you have made.

There are many legitimate music sites.  We have included two for you:


You can read more about what the researchers found when they tried to hack a car at The National Academies site:  http://www8.nationalacademies.org/cp/committeeview.aspx?key=49236


RUSTOCK:  You might be thinking of your stock portfolio but this is the name of a prolific and insidious virus that controlled many computers in what is known as a botnet.  At it's peak, it could send up to 25,000 spam messages per hour from one infected computer.  It was recently shut down through the help of Microsoft, law enforcement and other companies.  The spam was primarily for fake pharmaceuticals.  Make sure you are running the latest antivirus so you can inoculate yourself against Rustock and the next nasty virus that hits.

To see the traffic that Rustock used to create on the internet, visit M86 Security Labs at http://labs.m86security.com/2011/03/rustock-down