Since its inception in the mid-90s, remote keyless entry systems have become increasingly popular in cars, and are currently available in dozens of different makes and models. With the spike in cybercrime that’s seen hackers broaden their tactics and targets in recent years, it was inevitable that this unnerving trend would eventually reach the automotive industry. Thefts of vehicles with remote keyless entry systems are on the rise in many Western countries like the United States, Great Britain, and Germany (just to mention a few).
A team of Chinese security researchers who called themselves the “Unicorn Team,” demonstrated how they can hack a vehicle’s keyless entry system at the Hack in the Box Security Conference in Amsterdam last month. The researchers showed how a cybercriminal can remotely open a car door from up to 1000 feet away, start the engine, and drive away, all with equipment costing about $25. The researchers achieved this through capturing a radio signal from a driver’s key fob, and broke down the step-by-step process as shown in the video below.
The video depicts a scenario where the vehicle’s owner parks outside a café, locks the car, and walks inside. One thief follows the driver inside the café, while holding a radio device that’s roughly the size of a walkie-talkie. The second accomplice remains outside, holding a similar device. The radio signal from the vehicle owner’s key fob can be remotely relayed to somebody waiting at the car (the second accomplice). Upon reception of this signal, the accomplice standing by the car has the ability to open the vehicle door, step inside the car, start the engine, and drive off.
The scenario shows how anyone holding a device transmitting the correct radio signal can open the vehicle’s trunk, doors, and start the vehicle without ever inserting a key or resort to older methods of carjacking like hotwiring. The Unicorn Team researchers did mention how this particular model won’t shut the engine off once it’s out of the key fob’s range.
During previous scenarios, the ability of hacking into keyless cars has previously been achieved at distances up to 300 feet, which still puts criminals in a vulnerable position to be compromised. The Unicorn Team said they managed to triple their range of infiltration by rebroadcasting the signal between their devices at a lower frequency, which is something that cybercriminals can just as easily achieve.
Filed Under: M2M (machine to machine)