Security Affairs
SonicWall warns of active exploitation of two SMA 1000 zero-days|Patch Tuesday security updates for July 2026, the largest update ever. 621 CVEs in one month|U.S. Treasury Sanctions VPN Provider and Cryptor Seller Behind Billions in Ransomware Losses|Attacker Used AI to Build Custom PowerShell Recon Malware|Malware Hits Japan’s Largest Taxi Company Nihon Kotsu, Services Temporarily Suspended|CrashStealer: New macOS Infostealer Uses Signed Apps to Evade Gatekeeper|Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach|U.S. CISA adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog|EU Targets FSB-Linked Hackers in New Sanctions Over Cyber Sabotage|Dutch Nationals Suspected in Odido Hack That Exposed Six Million Customers|Australia Alerts Organizations to Ongoing CMS Exploitation Attacks|Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations|SonicWall warns of active exploitation of two SMA 1000 zero-days|Patch Tuesday security updates for July 2026, the largest update ever. 621 CVEs in one month|U.S. Treasury Sanctions VPN Provider and Cryptor Seller Behind Billions in Ransomware Losses|Attacker Used AI to Build Custom PowerShell Recon Malware|Malware Hits Japan’s Largest Taxi Company Nihon Kotsu, Services Temporarily Suspended|CrashStealer: New macOS Infostealer Uses Signed Apps to Evade Gatekeeper|Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach|U.S. CISA adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog|EU Targets FSB-Linked Hackers in New Sanctions Over Cyber Sabotage|Dutch Nationals Suspected in Odido Hack That Exposed Six Million Customers|Australia Alerts Organizations to Ongoing CMS Exploitation Attacks|Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

How to open 100 Million Volkswagen cars with a cheap wireless device

A new hack leveraging on two distinct vulnerabilities could be exploited to open every Volkswagen vehicles that have been sold since 1995 Do you have a Volkswagen? A new hack leveraging on two distinct vulnerabilities could be exploited to open every Volkswagen vehicles that have been sold since 1995, including models from Audi, Citroen, Fiat, Ford, […]

Volkswagen

A new hack leveraging on two distinct vulnerabilities could be exploited to open every Volkswagen vehicles that have been sold since 1995

Do you have a Volkswagen? A new hack leveraging on two distinct vulnerabilities could be exploited to open every Volkswagen vehicles that have been sold since 1995, including models from Audi, Citroen, Fiat, Ford, Peugeot, and  Skoda.
Researchers from the University of Birmingham and the German engineering firm Kasper & Oswald will present their study, titled “Lock It and Still Lose It—On the (In)Security of Automotive Remote Keyless Entry Systems” this week at the Usenix security conference.
In a first attack devised by the researchers, the experts used an Arduino-based RF Transceiver (Cost $40) to eavesdrop and record the rolling codes used by keyless entry systems that are sent by car owners when they press the key fob’s buttons.
Volkswagen arduino hack

The researchers made a reverse engineering of a component inside a Volkswagen’s network and identified and extracted a cryptographic key that is shared among millions of Volkswagen cars. The scientists did not reveal the exact procedure to extract the keys avoiding crooks to exploit the same technique.

The knowledge of the two secret keys allowed the team to clone the key fob and open the car.

“we discovered that the RKE systems of the majority of VW Group vehicles have been secured with only a few cryptographic keys that have been used worldwide over a period of almost 20 years.” wrote the researchers in the paper. “With the knowledge of these keys, an adversary only has to eavesdrop a single signal from a target remote control. Afterwards, he can decrypt this signal, obtain the current UID and counter value, and create a clone of the original remote control to lock or unlock any door of the target vehicle an arbitrary number of times”

The impact could be severe for the Volkswagen, if hackers will be able to reproduce the process, millions of cars will be exposed to the risk of theft.

According to the researchers in past 20 years, the four most common keys are used in all the 100 Million cars sold by the German car vendor. Only the most recent VW Golf 7 model and others that use unique keys are immune to the attack.

Most recent models like Golf 7 use unique keys so they are not vulnerable to the hack.

The researchers devised also a second attack method that targets the HiTag2, an old cryptographic scheme used to generate rolling codes and that is still used in millions of vehicles.

Car vendors like Alfa Romeo, Chevrolet, Peugeot, Lancia, Opel, Renault, and Ford users HiTag2.

The equipment used by the researchers is quite similar to the one used in the previous attack scenario.

The researcher used a radio device to capture the rolling code number sent by the driver’s key fob.

Once collected a number of rolling codes, the researchers exploited the flaws in the HiTag2 scheme to crack the cryptographic key in less than a minute.

The researchers have already reported the flaws to the VW Group and avoided to disclose any information to reproduce the attack (i.e. cryptographic keys, part numbers of vulnerable components).

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Volkswagen , car hacking)