› Forums › Security › Discussions (Security) › Hackers Can Clone Millions of Toyota, Hyundai, and Kia Keys
Tagged: SecureElement_H11, Security_S12
- This topic is empty.
-
AuthorPosts
-
-
April 8, 2020 at 5:51 pm #41432
#Discussion(Security) [ via IoTGroup ]
Over the past few years, owners of cars with keyless start systems have learned to worry about so-called relay attacks, in which hackers exploit radio-enabled keys to steal vehicles without leaving a trace.
Now it turns out that many millions of other cars that use chip-enabled mechanical keys are also vulnerable to high-tech theft.
Researchers from KU Leuven in Belgium and the University of Birmingham in the UK earlier this week revealed new vulnerabilities they found in the encryption systems used by immobilizers, the radio-enabled devices inside of cars that communicate at close range with a key fob to unlock the car’s ignition and allow it to start.
A hacker who swipes a relatively inexpensive Proxmark RFID reader/transmitter device near the key fob of any car with DST80 inside can gain enough information to derive its secret cryptographic value.
That, in turn, would allow the attacker to use the same Proxmark device to impersonate the key inside the car, disabling the immobilizer and letting them start the engine.
The researchers say the affected car models include the Toyota Camry, Corolla, and RAV4; the Kia Optima, Soul, and Rio; and the Hyundai I10, I20, and I40.
The full list of vehicles that the researchers found to have the cryptographic flaws in their immobilizers is below:
A list of the cars the researchers say are vulnerable to their immobilizer-disabling attack.
Though the list also includes the Tesla S, the researchers reported the DST80 vulnerability to Tesla last year, and the company pushed out a firmware update that blocked the attack.
Toyota has confirmed that the cryptographic vulnerabilities the researchers found are real.
But their technique likely isn’t as easy to pull off as the “relay” attacks that thieves have repeatedly used to steal luxury cars and SUVs. Those generally require only a pair of radio devices to extend the range of a key fob to open and start a victim’s car.
Read More..
AutoTextExtraction by Working BoT using SmartNews 1.02976805238 Build 26 Aug 2019
-
-
AuthorPosts
- You must be logged in to reply to this topic.