Radio Attack Breaks into Autos
Wednesday, March 23, 2016 @ 02:03 PM gHale
By creating two radio signal extension devices and putting the receiver in the vicinity of a car key and the transmitter in the vicinity of a car door, it is possible to break into a vehicle and start it up from a long distance.
Hacking into modern vehicles is becoming more of a concern these days since auto manufacturers do not seem to be thinking about securing wireless control systems in cars.
This time a group of researchers from ADAC, the largest automobile club in Germany and Europe, demonstrated how the keyless “comfort locking” system used by most automakers on most modern cars provides no security against vehicle theft.
Previous research demonstrated how easy is to fool the system into unlocking the car and starting its engine by relaying messages between the car and the smart key, at a considerable distance (up to 50 meters, non line-of-sight).
In a new part of the attack scenario, ADAC researchers have come up with a much cheaper alternative ($225 altogether for the attack setup) and have managed to extend the range of the attack.
“The radio connection between keys and car can easily be extended over several hundred meters,” the researchers said. The key could easily be in the owners’ home (and pocket or bag) and the attack will work – and will also turn off the car’s alarm system.
Attackers can make the devices at home from commercial electronic components. All the attacker needs to do is create two radio signal extension devices, and put the receiver in the vicinity of the car key and the transmitter in the vicinity of the car door.
The transmitter mimics the key and its proximity to the car triggers the locking system, which sends out a signal asking the key to respond. The transmitter relays the signal to the receiver near the car key, which relays it to the key. Once the key responds with the correct signal, the two devices relay it back to the car.
The system recognizes the signal as valid, and unlocks the vehicle. Usually this means the attacker can enter the car and start the engine by simply pushing the starter button. The engine won’t shut down until the attacker chooses to do so or until it the engine runs out of fuel.