Researchers unveil remote lock flaw on 100m cars

Researchers have discovered a security flaw in remote locking systems fitted to around 100 million cars worldwide
Researchers have discovered a security flaw in remote locking systems fitted to around 100 million cars worldwide

German and British researchers have discovered a security flaw in remote locking systems fitted to around 100 million cars worldwide, German media reported on Thursday.

The bug affects vehicles with a remote lock activated by a key, the Sueddeutsche Zeitung (SZ) daily and public broadcasters NDR and WDR reported.

Volkswagen group is one of the hardest hit, with popular models including the Golf 4 and 6 but also vehicles from subsidiaries like Audi, Seat and Skoda on the list of vulnerable cars.

"Security systems of vehicles up to 15 years old don't demonstrate the same level of as our more current vehicles," the auto giant acknowledged to the SZ.

Hackers are able to get around the security system by using passwords from old keys, the SZ reports—because the system did not allow for a sufficiently large number of different passwords.

The researchers were also able to record the radio signal from a specific key and use it later to open the corresponding car.

Other brands with models affected by the problem include France's Citroen, Peugeot and Renault, Italy's Fiat, German Opel, Japan's Nissan and US-based Ford.

While VW suggested in comments to the SZ that the hack was of mostly academic interest, German authorities are currently investigating the theft of a car which could have used the method described by the researchers, an anonymous security source told the paper.

But the Munich-based broadsheet also notes that car thefts have fallen significantly in recent years.

German insurance federation GDV told SZ that around 18,000 cars are stolen every year in Germany, down from 105,000 23 years ago.


Explore further

Germany demands tougher rules on emissions testing

© 2016 AFP

Citation: Researchers unveil remote lock flaw on 100m cars (2016, August 11) retrieved 22 July 2019 from https://phys.org/news/2016-08-unveil-remote-flaw-100m-cars.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
15 shares

Feedback to editors

User comments

Aug 14, 2016
Trust me, the age of the "Beep Bandits" is coming.
Sure, they might not be able to steal your car without a physical key (easy to fake though).
But they can unlock your car and steal everything from the inside that's valuable without effort (important papers, laptops, money, other keysets in gloveboxes, insurance papers which the police require be in the vehicle at all times).

Which is why the push for "smart door locks" like "smart starter keychains" is pretty much dead in the water from the get-go for painfully obvious reasons.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more