According to Wired, security researchers found they can use software defined radio (SDR) to remotely unlock hundreds of millions of cars.
Led by Flavio Garcia at the University of Birmingham in the UK, the group of hackers reverse-engineered an undisclosed Volkswagen component to extract a cryptographic key value that is common to many of the company’s vehicles.
When combined with the unique value encoded on an individual vehicle’s remote key fob—obtained with a little electronic eavesdropping, say—you have a functional clone that will lock or unlock that car. VW has apparently acknowledged the vulnerability and has changed some of the numbering on new parts.
The UoB also found another security hole which affects Alfa Romeo, Citroën, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot.
It exploits a much older cryptographic scheme used in key fobs called HiTag2. The hacker has to do some electronic eavesdropping to capture a series of codes sent out by a remote key fob. Once a few codes had been gathered, the encryption scheme can be encyrpted in under a minute.
When the attacks might appear a bit convoluted, it is thought that they are behind a rash of car thefts, including a few in the US as hackers exploit the power of 1990s-era automotive-grade encryption with cheap hacking gear.