Dozens of car models can be unlocked and started with a cheap radio amp

A group of German researchers from ADAC have published their work on extending last year's amplification attack that let thieves steal Priuses with a $17 gadget that detected your key's unlock signal and amplified it so it would reach the car.

The researchers have shown that at least 24 different car models from 19 manufacturers are vulnerable to this attack, and can be unlocked and driven away with cheap, easy-to-make radio amps.

The researchers say that thieves are already using this method to steal cars, and point to the surveillance video above as an example of a real-world theft.

Audis have had a similar, unpatched vulnerability for at least five years — though its details have never been revealed because Volkswagen threatened to sue the researchers who discovered it.

Here’s the full list of vulnerable vehicles from their findings, which focused on European models: the Audi A3, A4 and A6, BMW’s 730d, Citroen’s DS4 CrossBack, Ford’s Galaxy and Eco-Sport, Honda’s HR-V, Hyundai’s Santa Fe CRDi, KIA’s Optima, Lexus’s RX 450h, Mazda’s CX-5, MINI’s Clubman, Mitsubishi’s Outlander, Nissan’s Qashqai and Leaf, Opel’s Ampera, Range Rover’s Evoque, Renault’s Traffic, Ssangyong’s Tivoli XDi, Subaru’s Levorg, Toyota’s RAV4, and Volkswagen’s Golf GTD and Touran 5T. Only the BMW i3 resisted the researchers’ attack, though they were still able to start its ignition. And the researchers posit—but admit they didn’t prove—that the same technique likely would work on other vehicles, including those more common in the United States, with some simple changes to the frequency of the equipment’s radio communications.

Keyless: Easy prey for car thieves
[ADAC]


Radio Attack Lets Hackers Steal 24 Different Car Models [Andy Greenberg]

(via /.)