The $32 ‘universal hack’ for cars that could give hackers access to your vehicle in seconds and even open your garage door
How would you like to steal a car worth thousands of dollars with a hack tool which is as cheap as $32. A device that can unlock as many cars that use keyless entry and open garage doors as a added bonus.
Ace hacker, Samy Kamkar, who recently revealed the built OwnStar device that could breach GM cars wirelessly, unveiled his latest gadget that exploits a basic vulnerability in car and garage key remotes that has existed for quite some time.
Car key remotes, like garage remotes, use rolling code to authenticate access. Rolling code is basically just code that changes every time so that no one can use it later. So typically when you hit “unlock” on your remote key, a unique code is sent to the car’s system, the doors open, and that code will never be used again.
Kamkar calls his new device “RollJam” and it exploits the vulnerability to send the legitimate code to the car by jamming the signal and intercepting it.
For RollJam to work, the hacker has to place a wallet-size device somewhere on the targeted car. Once it is placed on the target car, when the owner tries to unlock their vehicle by pressing the ‘Unlock’ button on their remote, the device jams the signal so that the vehicle’s system doesn’t hear it, while at the same time intercepts the code for the exploit.
Now, when the door doesnt open the first time, the car owner then tries to use the car key remote to unlock the vehicle a second time. This time again the device jams the signal and steals a second code, but at the same time sends the first stolen code so that the driver can get in the car.
After the two interceptions, the hacker is left with one used code and one fresh code that the vehicle never got. Now he/she can use this code when the owner of the car is far away and steal the car with ease. All the hacker has to do is press a button on the Kamkar’s gadget and the car uses the stolen code to unlock the doors.
Kamkar said he has tried his device on a few different cars from different manufacturers, but has primarily been tested it on a Lotus Elise, because that is what he has had access to. He will reveal more details about how he conducted the exploit on Friday when he speaks at the hacking conference Defcon in Las Vegas.
“This has been sort of a theoretical attack for many, many years. This is not by any means brand new or a big surprise. The problem is no one has really demonstrated it, which is funny because the solution to this problem has been known about for more than 20 years online and has been written about many times, but again no one has demonstrated it,” Kamkar said.
“So a lot of manufacturers haven’t cared to solve the problem because it didn’t seem like a big enough problem. Unfortunately, I think it is a big problem.”
Remember, Kamkar doesnt build such devices to make it make easier for criminals to steal stuff. In fact he doing the opposite. By building such devices which exploit vulnerabilities in the system, he’s trying to help companies fix the holes in their security and raise awareness of security issues.
His latest nifty gadget built out of $32 worth of electronics.