Researchers unveil remote lock flaw on 100m cars

August 11, 2016
Researchers have discovered a security flaw in remote locking systems fitted to around 100 million cars worldwide

German and British researchers have discovered a security flaw in remote locking systems fitted to around 100 million cars worldwide, German media reported on Thursday.

The bug affects vehicles with a remote lock activated by a key, the Sueddeutsche Zeitung (SZ) daily and public broadcasters NDR and WDR reported.

Volkswagen group is one of the hardest hit, with popular models including the Golf 4 and 6 but also vehicles from subsidiaries like Audi, Seat and Skoda on the list of vulnerable cars.

"Security systems of vehicles up to 15 years old don't demonstrate the same level of as our more current vehicles," the auto giant acknowledged to the SZ.

Hackers are able to get around the security system by using passwords from old keys, the SZ reports—because the system did not allow for a sufficiently large number of different passwords.

The researchers were also able to record the radio signal from a specific key and use it later to open the corresponding car.

Other brands with models affected by the problem include France's Citroen, Peugeot and Renault, Italy's Fiat, German Opel, Japan's Nissan and US-based Ford.

While VW suggested in comments to the SZ that the hack was of mostly academic interest, German authorities are currently investigating the theft of a car which could have used the method described by the researchers, an anonymous security source told the paper.

But the Munich-based broadsheet also notes that car thefts have fallen significantly in recent years.

German insurance federation GDV told SZ that around 18,000 cars are stolen every year in Germany, down from 105,000 23 years ago.

Explore further: Germany demands tougher rules on emissions testing

Related Stories

Germany demands tougher rules on emissions testing

June 7, 2016

Germany on Tuesday demanded tougher rules on controlling diesel car pollution in Europe as it blamed auto manufacturers other than Volkswagen of using defeat devices to pass emissions tests.

EU ignoring diesel pollution despite VW scandal: NGO

June 6, 2016

European governments are turning a blind eye to over-polluting cars, an NGO report said on Monday, nine months after a scandal exposed emission test cheating by Volkswagen, Europe's biggest carmaker.

Recommended for you

Pushing lithium ion batteries to the next performance level

December 13, 2018

Conventional lithium ion batteries, such as those widely used in smartphones and notebooks, have reached performance limits. Materials chemist Freddy Kleitz from the Faculty of Chemistry of the University of Vienna and international ...

Uber filed paperwork for IPO: report

December 8, 2018

Ride-share company Uber quietly filed paperwork this week for its initial public offering, the Wall Street Journal reported late Friday.

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

matrix29bear
not rated yet Aug 14, 2016
Trust me, the age of the "Beep Bandits" is coming.
Sure, they might not be able to steal your car without a physical key (easy to fake though).
But they can unlock your car and steal everything from the inside that's valuable without effort (important papers, laptops, money, other keysets in gloveboxes, insurance papers which the police require be in the vehicle at all times).

Which is why the push for "smart door locks" like "smart starter keychains" is pretty much dead in the water from the get-go for painfully obvious reasons.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.