{"id":238762,"date":"2016-08-13T05:32:50","date_gmt":"2016-08-13T05:32:50","guid":{"rendered":"http:\/\/citifmonline.com\/?p=238762"},"modified":"2016-08-13T05:32:50","modified_gmt":"2016-08-13T05:32:50","slug":"millions-of-volkswagen-cars-can-be-unlocked-via-hack","status":"publish","type":"post","link":"https:\/\/citifmonline.com\/2016\/08\/millions-of-volkswagen-cars-can-be-unlocked-via-hack\/","title":{"rendered":"‘Millions’ of Volkswagen cars can be unlocked via hack"},"content":{"rendered":"
A sizeable proportion of 100 million Volkswagen Group cars sold since 1995 can be unlocked remotely by hackers, a team of researchers has said.<\/p>\n
The problem affects a range of vehicles manufactured between 1995 and 2016 – including VWs and models from the company’s Audi, Seat and Skoda brands.<\/p>\n
A homemade radio costing about \u00a330 is the only hardware an attacker requires.<\/p>\n
Volkswagen said it was working with the researchers and added that several new vehicles were unaffected by the issue.<\/p>\n
Two separate attacks affecting different models are described in a paper by researchers from the University of Birmingham and German security firm Kasper & Oswald.<\/p>\n
With the second method, an older cryptographic scheme in some other brands was found to have a similar, albeit more complex vulnerability.<\/p>\n
The team showed it was possible for a malicious hacker to spy on key fob signals to target cars via a cheap, homemade radio.<\/p>\n
‘Cryptographic catastrophe’<\/strong><\/p>\n By cloning the digital keys, the researchers found they could then unlock a variety of VW Group vehicles.<\/p>\n This was possible because they were able to reverse-engineer the keyless entry system in the affected models – a process which yielded some master cryptographic keys.<\/p>\n Prior to publishing their research, the team behind the paper agreed with Volkswagen that some key pieces of information – including the value of the master cryptographic keys – would not be made public.<\/p>\n “We were kind of shocked,” Timo Kasper at Kasper & Oswald told the BBC. “Millions of keys using the same secrets – from a cryptography point of view, that’s a catastrophe.”<\/p>\n