Security experts: Remotes are hackable on many vehicles
Vehicles vulnerable to this attack include most Audi, VW, Seat and Skoda models sold since 1995 and approximately 100 million VW Group vehicles on the road since then, the researchers said.
The bad news for vehicle owners is that Volkswagen did not use many of these shared keys, and based on the vehicle's make, model, and year, an attacker would know where to look.
The keyless entry security system in almost a hundred million Volkswagen group cars is vulnerable to a simple hack that could grant entry in under a minute, researchers have warned. The researchers finally got to present their paper a year ago, detailing how the Megamos Crypto system – an RFID transponder that uses a Thales-developed algorithm to verify the identity of the ignition key used to start motors – could be subverted.
Owners of Volkswagen automobiles and SUVs may be unwittingly giving away the code to open the doors of their vehicle each time they use the keyless entry system, according to a new study submitted to the USENIX Security Symposium being held in Austin this week.
Security researchers will highlight vulnerabilities in keyless entry systems that affect the theft protection of millions of cars at a conference tomorrow.
A VW spokesman said that the current Golf, Tiguan, Touran and Passat models are not vulnerable to the attack.
The hardware costs less than $50. It only allows access to the central locking system of the cars, but it is a bargain considering the potential of theoretically being able to unlock 100 million vehicles manufactured by the Volkswagen Group.
For owners of the affected vehicles, of which there are many, the researchers explained that a temporary countermeasure is to stop using or disable the remote unlocking features and use the traditional mechanical lock instead.
When combined with unique information on the car’s key fob that can be obtained wirelessly, hackers and vehicle thieves can clone the fob and unlock and start the car.
This isn’t the first Volkswagen vulnerability that the researchers have published.
The bug affects vehicles with a remote lock activated by a key, the Sueddeutsche Zeitung (SZ) daily and public broadcasters NDR and WDR reported. According to them, this flaw could have been leveraged to start various vehicle models, including luxury ones.
For now, however, if you have one of the vulnerable vehicles, the researchers suggest not assuming that cars and trucks are “safeboxes” and not leaving valuables inside. This Hitag2 scheme doesn’t rely on fixed cryptographic keys, but researchers claim that the cryptographic key for a certain vehicle can be recovered from 4-8 rolling codes. It seems the power of 1990s-era automotive-grade encryption is helpless in the face of $40 Arduinos and SDR.
The only exception was cars built on VW’s latest MQB production platform, which is used in its top-selling model, the Golf VII, which the researchers found does not have the flaw.