Keyless Entry Renders Millions Of Cars Vulnerable

Uploaded on 2016-09-06 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Simple handheld scanning device capable of intercepting & cloning keyless entry 

Tens of millions of cars are made vulnerable to theft by their keyless entry systems, according to a report by computer security experts.

The paper claims many of the 100m Volkswagen vehicles sold over the past 20 years are vulnerable and can be hacked using cheap tools. Audi, Seat and Skoda models sold since 1995 are also said to be affected as they share Volkswagen’s remote keyless entry system. Alfa Romeo, Citroen, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot models are also at risk from a similar exploit, the researchers claim.

The three researchers from the University of Birmingham in England and a fourth from security company Kasper and Oswald GmbH in Germany, found models as recent as this year’s Audi Q3 were vulnerable. They said it is conceivable that all VW Group cars, with the exception of some Audis, are thus vulnerable to attacks because they rely on a ‘constant-key’ scheme.

The attack works by “eavesdropping” on the signal sent when a driver presses their key fob to unlock their car. With equipment costing as little as £30 the signal and be cloned and the hacker can then access the car in future. To clone the key’s signal the attack does need to be within 100m of the vehicle.

The report co-author Flavio Garcia said they believe some of the hackable cars are still on the market. He told Reuters: “There are still some VW car models being sold that are not on the latest platform and which remain vulnerable to attack.”

The researchers said the only exceptions were cars built on VW’s latest MQB production platform, which is used in its top selling model, the Golf VII, which the researchers found does not have the flaw.

The VW spokesman Peter Weisheit said that its current Golf, Tiguan, Touran and Passat models are not at risk from the attack, adding: “This current vehicle generation is not afflicted by the problems described.”

The Wolfsburg-based car maker confirmed it has had a constructive exchange with the researchers and that the authors had agreed to withhold details in their report that criminals could use to break into cars.

In 2013, VW obtained a restraining order against a group of researchers that included Garcia to prevent publication of a paper detailing how certain anti-theft car immobilisers were vulnerable to hackers. That research was published in 2015 after the authors agreed with VW to remove a detail that would have allowed thieves to figure out how to carry out an attack.

The authors also describe a second attack that could be used against Hitag2 (HT2) remote keyless entry systems used in older models of other car makers, running on circuits produced by Dutch-American chipmaker NXP.

An NXP spokesman said HT2 chips first introduced in 1998 have been gradually replaced by automakers since 2006 and that the chipmaker has advised them to replace HT2 chips in new cars since security weaknesses were reported in 2009 and 2012.

The reports’ authors said they had focused on mass-market models and did not analyse in detail VW’s luxury brands including Porsche, Bentley, Lamborghini and Bugatti.

The paper is set to be presented at the Usenix security conference in Austin, Texas, in the US recently.

Guardian: http://bit.ly/2bdnNdp

 

« 15 Years After 9/11
Exploring Alternatives: Terrorism Converging With Cyber Crime »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

E-Tech

E-Tech

E-Tech has been providing system support and information technology consulting services including Internet and Network Security assessments.

SecureAuth

SecureAuth

SecureAuth delivers cutting edge identity and information security solutions for cloud, mobile, web, and VPN systems.

Centre for Secure Information Technologies (CSIT)

Centre for Secure Information Technologies (CSIT)

CSIT is a UK Innovation and Knowledge Centre (IKC) for secure information technologies. Our vision is to be a global innovation hub for cyber security.

Nmap Project

Nmap Project

Nmap Project is a Free and open source tool for network discovery, administration, and security auditing.

DataCore Software

DataCore Software

DataCore Software is a leader in Software-Defined Storage. Solutions offered include back up and disaster recovery.

AhnLab

AhnLab

AhnLab provides a range of information security solutions including network security, endpoint security, antivirus and consulting services.

Synack

Synack

Synack provides a hacker-powered intelligence platform that uncovers security vulnerabilities that often remain undetected by traditional pen testers and scanners.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

Tenzir

Tenzir

Tenzir's primary focus lies on network forensics: the systematic investigation of cyber attacks with big data analytics.

Basque Digital Innovation Hub (BDIH)

Basque Digital Innovation Hub (BDIH)

The aim of the BDIH initiative is to provide industrial enterprises, especially SMEs, with the technological capabilities needed to meet the challenges of industry 4.0.

CyberNews

CyberNews

Cybernews.com is a research-based online publication that helps people navigate a safe path through their increasingly complex digital lives.

Shield Capital

Shield Capital

Shield Capital helps founders build frontier solutions in cybersecurity, artificial intelligence, space & autonomy for commercial and government enterprises.

Phylum

Phylum

Phylum provides powerful, automated software supply chain risk analysis that protects organizations, defends developers and enables secure innovation.

Appranix

Appranix

Appranix delivers Cloud App Resilience with app-centric entire cloud resources backup, restore, and cross-region disaster recovery.

ReformIT

ReformIT

ReformIT is a Managed IT Service and Security provider with many years experience helping companies find the right IT solutions to meet the needs of their businesses.

SoteriaSec

SoteriaSec

SoteriaSec is a premier cybersecurity firm providing comprehensive digital forensics and incident response services.