Wireless key remotes are turning into open vectors when it comes to automotive security.
A year ago Samy Kamkar showed how a Software Defined Radio (like the HackRF One) can be used to observe, record, and replay a radio signal to help unlock a car. Similar methods have been shown to work against a variety of remotes (including garage door openers).
It sounds like it’s now VW’s turn to be targeted by researchers who not only unlocked the doors but also bypassed the RFID immobilizer transponders to allow them to turn cars on. What made the story newsworthy was not only that VW went to court to prevent the researchers from releasing their report, but that the researchers have come back with even more vulnerabilities to present:
One of the attacks would allow resourceful thieves to wirelessly unlock practically every vehicle the Volkswagen group has sold for the last two decades, including makes like Audi and Škoda. The second attack affects millions more vehicles, including Alfa Romeo, Citroen, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot.
The problem is that a lot of remotes are based on decade-old technology and the cost of replacing what’s already out there at this point is prohibitive.