Home / / Millions of Volkswagen cars can be hacked with $40 device

Millions of Volkswagen cars can be hacked with $40 device

Researchers have discovered keyless entry vehicles are vulnerable to cybercriminal activity

Millions of Volkswagen cars can be hacked with $40 device
Cybercriminals can use a homemade radio to eavesdrop on the signal standing only 100 metres away from a range of vehicles, including Volkswagen.

Over 100 million Volkswagen, Audi, Seat and Skoda vehicles sold over 20 years ago are vulnerable to be being hacked due to their keyless entry system, according to a team of security researchers.

The researchers from the University of Birmingham, England, and a researcher from security firm Kasper and Oswald GmbH in Germany, found that vehicles which were manufactured between 1995 and 2016 can be hacked by a cheap tool, costing $40 only.

Cybercriminals can use a homemade radio to eavesdrop on the signal standing only 100 metres away from the vehicle. Every time a driver presses their key fob to lock or unlock their vehicle, the hackers can clone the signal.

Also, the researchers described another potential attack against Hitag2 remote keyless entry systems which run on circuits developed by chipmaker NXP. They revealed using the same radio tool, hackers can extract a cryptographic code and then intercept the unique ID sent by the car fob.

Researcher Flavio Garcia said: "It's a bit worrying to see security techniques from the 1990s used in new vehicles. If we want to have secure, autonomous, interconnected vehicles, that has to change."

The researchers notified the German car manufacturer, and according to Reuters, VW spokesman Peter Weisheit said: "The responsible department at Volkswagen Group is in contact with the academics mentioned and a constructive exchange is taking place." However Weisheit did clarify that its current Golf, Tiguan, Touran and Passat models are not at risk from the attack.

The researchers also revealed that vehicles built on VW's MQB production platform, including the Golf VII, are also not vulnerable to this hacking process. Furthermore, the researchers only focussed on mass-market models and not VW's luxury brands including Porsche, Bentley, Lamborghini and Bugatti.

The researchers also revealed that Alfa Romeo, Citroen, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot models are also vulnerable to wireless hacks due to their keyless feature.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.

CHANNEL AWARD 2018