The Drive: MyCar App Makes it Dangerously Easy for Hackers to Locate, Control Connected Cars Remotely

"A backdoor discovered in MyCar, a smartphone app that awards old vehicles some degree of connected-car tech and capabilities, has recently been unearthed. The vulnerability, which was recently patched, enabled attackers to read telemetrics and even send commands to an unsuspecting vehicle without needing the owner's credentials."

https://www.thedrive.com/tech/27384/mycar-app-makes-it-dangerously-easy-for-hackers-to-locate-control-connected-cars-remotely