New remote lock hacking method endangers 100 million Volkswagen cars

By Yen Palec / Aug 12, 2016 03:39 AM EDT
(Photo : Getty Images/Michael Gottschalk ) Office Builiding of Volkswagen AG headquarters seen behind VW employees car park on August 09, 2016 in Wolfsburg, Germany.

German automaker Volkswagen has yet to recover from the massive fallout caused by the emissions test scandal, and now the company is once again in rough waters. Security researchers recently released a relatively simple hacking method that can break into almost any Volkswagen vehicle manufactured since 1995, putting the security of nearly 100 million cars in serious jeopardy.

 The hack comes from a team of security researchers from the University of Birmingham. The team's lead Flavio Garcia unveiled the hack during the recent Usenix security conference in Austin, Texas. Through the use of clever reverse engineering and with the help of an Arduino radio scanner connected to a computer, Garcia and his team claim that they able to remotely unlock nearly 100 million Volkswagen cars.

The worst part of the report was, using the hacking method applied to remotely unlock Volkswagen cars, Garcia and his team were able to create a second hacking method that can unlock millions of other vehicles manufactured by notable car companies such as Ford, Nissan, Alfa Romeo, Citroen, Fiat, Open, Mitsubishi, and Peugeot.

In a statement acquired by Wired, Birmingham researcher David Oswald said, "You only need to eavesdrop once. From that point on you can make a clone of the original remote that locks and unlocks a vehicle as many times as you want."

According to the researchers, the hack is a bit tricky to pull off. The researchers noted that for radio eavesdropping to be successful, perpetrators with the interception equipment are required to be within at least 300 feet of the target vehicle.

According to Digital Trends, the semiconductor company responsible for manufacturing the chips used in these keyless entry systems has been asking the car companies to use or upgrade to newer security algorithms for many years now. Volkswagen has already acknowledged the vulnerability of its cars, but the company did not say whether it is working on a fix to patch these security loopholes.