Flaws in the keyless entry system put nearly 100 million Volkswagen cars at risk from hackers
If own one of the fancy Volkswagen cars with a keyless entry feature, be sure to read this article twice. It seems your car can be easily stolen thanks to a flaw which leaves it vulnerable to a remote-cloning attack, according to new research.
The bug was discovered by University of Birmingham computer scientist Flavio Garcia and a team of researchers. Funnily, Garcia and his team commenced their research in 2013 but had to stop their research midway due to a lawsuit. After the judge ruled in their favor, the team re-commenced their Volkswagen keyless entry bug research.
They have now found that the vast majority of the 100 million vehicles from VW Group sold in that time are vulnerable to a key-cloning attack that leaves the ignition and keyless entry system exposed to tampering. According to their research, the attack can be carried out using cheap, battery-run commercially-available radios, which are capable of eavesdropping and recording the rolling codes used by keyless entry systems and then emulating a key.
The researchers put together their hacking tool using a Arduino-based RF transceiver and it cost just $40 to make. The researchers said that one of the attacks would allow potential hacker/car jackers to wirelessly unlock practically every vehicle the Volkswagen group has sold for the last two decades, including makes like Audi and Škoda.
They will also demonstrate a second attack why they say, affects millions more vehicles, including Alfa Romeo, Citroen, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot.
The researchers said that the only alternative left to Volkswagen car owners is to fully deactivate or at least not use the [remote keyless entry]functionality and resort to the mechanical lock of the vehicle, as it is practically not possible to stop this hack from happening.
A second attack the researchers explored relates to the ageing Hitag2 rolling code scheme, which is used by Alfa Romeo, Chevrolet, Peugeot, Lancia, Opel, Renault, and Ford. Hitag2 maker, NXP has already advised the car manufacturers to upgrade their cars to the latest system according to Wired.
While the researchers have made the flaw in Volkswagen cars public, they reached into an agreement with the car maker not to disclose the cryptographic keys, part numbers of vulnerable ECUs, and how they reverse-engineered the processes.
The researchers will present their research this week at the Usenix security conference in Austin, Texas.