CATEGORIES
home News

100 Million Volkswagens Can Be Remotely Unlocked Via Simple Keyless Entry System Hack

by Brandon HillThursday, August 11, 2016, 12:11 PM EDT
If you own a Volkswagen Group vehicle that was manufactured within the last twenty years, chances are that a hacker would be able make their way into your “locked” vehicle with ease. A team of researchers from the University of Birmingham, led by Flavio Garcia, were able to clone the keyless entry codes used by Volkswagen vehicles simply by being within “a few tens of meters” of a fob when it is activated by its rightful owner.

The scope of this vulnerability is massive, encompassing roughly 100 million Volkswagen Group vehicles manufactured since 1996. Affected brands include Volkswagen, Audi, Seat and Skoda. The remote entry hack is ongoing, as the researchers were able to determine that the 2016 Audi Q3 is still affected.

So how were the researchers able to achieve this feat? Well, they were able to reverse engineer the electronic control unit (ECU) and remote keyless entry system used in Volkswagen’s vehicles, and once armed with the knowledge of the inner working of how key transmission and reception is handled by the vehicle, they were able to hack away with an Arduino-based RF transceiver powered by a 9-volt battery.

Audi A7 Sportback

“With the knowledge of these keys, an adversary only has to eavesdrop a single signal from a target remote control,” write the researchers in their published paper [PDF]. “Afterwards, he can decrypt this signal, obtain the current UID and counter value, and create a clone of the original remote control to lock or unlock any door of the target vehicle an arbitrary number of times.”

Unfortunately, there doesn’t appear to be any useful or productive defense to an attack, so current Volkswagen owners will forever be sitting ducks. “Completely solving the described security problems would require a firmware update or exchange of both the respective ECU and (worse) the vehicle key containing the remote control,” the researchers add. “Due to the strict testing and certification requirements in the automotive industry and the high cost of replacing or upgrading all affected car keys in the field, it is unlikely that VW Group can roll out such an update in the short term.”

Although this is of little relief for owners of affected Volkswagen Group vehicles, the company’s newer vehicles based MQB architecture are immune. These include the newest version of the Audi A3, Audi TT, Volkswagen Golf family, and the Euro market Volkswagen Passat.

Tags:  Volkswagen, VW
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment