News
News Categories

Volkswagen cars numbering in the 100 millions could be vulnerable to wireless hack

By Bryan Chan & Kenny Yeo - on 12 Aug 2016, 10:50am

Volkswagen cars numbering in the 100 millions could be vulnerable to wireless hack

Image source: Volkswagen Malaysia

Computer scientist Flavio Garcia and his team of researchers at the University of Birmingham have found a vulnerability that could potentially affect as many as 100 million Volkswagen vehicles. The vulnerability stems from "some tedious reverse engineering" of a component inside a Volkswagen vehicle's internal network. This would yield a cryptographic key that is said to be shared by tens of millions of Volkswagen vehicles.

The second part of the hack involves using cheaply made radio hardware to intercept signals from owners when they unlock their Volkswagen vehicles. And when they do, they will have the second piece cryptographic information that they require to complete the hack. Combining the two, hackers would be able to clone the original remote and use it to lock and unlock the car as many times as they wish.

One worrying aspect of this vulnerability is that that Volkswagen uses the same cryptographic key on many of his vehicles. In fact, Flavio said that the four most popular keys are used in over 100 million Volkswagen sold in the past two decades.

In addition, this vulnerability is not limited to Volkswagen alone. It affects "practically every vehicle the Volkswagen group has sold for the last two decades, including makes like Audi and Škoda."

Flavio and his team will present this vulnerability later this week at the Usenix security conference in Austin, Texas, in the hopes that Volkswagen, and other automakers, will take action.

Source: Wired