Models from other automakers are also vulnerable.
Research team at the University of Birmingham has discovered a major flaw in the key fobs of Volkswagen Group cars which make these vulnerable to hacking. Up to 100 million vehicles are affected, and the oldest ones date back to 1995. By using a rather simple $40 home-built device, hackers can create a ‘copy’ of the key fob and gain access to the car.
To understand how it’s all possible, researchers have managed to find a way to access a cryptographic key used by millions and millions of VAG cars. By using custom-built hardware, they were able to gain access to a second cryptographic key specific to the car they wanted to hack. Then, they combined the two cryptographic keys to effectively obtain access to the vehicle and unlock it, something which is possible only if the device is within 300 feet of the car. With only four unique cryptographic keys used by most of the 100M cars, it means millions and millions of cars will be exposed once a hacker will find one of the four keys.
The flaw was discovered in cars as recent as the 2016MY Audi Q3, but it affects a wide array of models from the group. The good news is MQB-based products are not vulnerable to the hack, so models such as the VW Golf, Passat, and Tiguan should be safe. It’s the same story with the Audi A3, Q2, TT, as well as with models from SEAT and Skoda, like the Leon, Ateca, Octavia, and Superb.
The research led by Flavio Garcia and David Oswald also refers to the vulnerability of other cars from different automakers. Millions of vehicles from Ford, Nissan, Mitsubishi, Chevrolet, and other marques are vulnerable to a similar attack using a home-made device. Hackers are able to learn the so-called ‘rolling codes’ which appear when the owners press the buttons on the key fobs to unlock/lock the car. With these codes, hackers can then gain access to the targeted car.
The study conducted by computer security experts at the University of Birmingham will be fully detailed today in Austin, Texas at the USENIX Security Symposium.