You may be forgiven for thinking your car is secure, parked on your drive with the doors locked.
But
a security researcher has revealed how key fobs can be hacked
wirelessly using an everyday laptop, transmitter and a bit of technical
knowledge.
Researcher Dr Silvio Cesare demonstrated the hack exclusively to Wired, ahead of presenting his findings at this week’s Black Hat conference in Las Vegas.
Scroll down for video
The hack was demonstrated by security
researcher Dr Silvio Cesare ahead of his talk at this week’s Black Hat
conference in Las Vegas. Cesare used a software-defined radio to mimic
the same frequency as a key fob. Using this frequency, he was able to
guess the code that unlocked the car. Stock image pictured
Dr Cesare’s hack involved mimicking the frequency used by key fobs, and wirelessly unlocking the car in minutes.
The
equipment used in the hack included a software-defined radio, a
transmitter, amplifier and antenna all connected to his laptop.
His whole system cost $1,000 (£600) - but prices could be cheaper if different antennas and transmitters were used.
The radio is designed to pick up frequencies across the FM, Bluetooth and Wi-Fi range.
In
the video, Dr Cesare is shown using his laptop, with the antenna and
amplifier, to transmit the same frequency used as the key fob.
He
then performed what’s known as a ‘brute force’ attack to correctly
identify the code needed to force the fob to unlock the car.
In theory, this could be performed with any key fob if the hacker was able to identify and attack the frequency it sits on.
The
car used in the attack has deliberately not been revealed, but Dr
Cesare told Wired he has contacted the manufacturer, via the Australian
Computer Emergency Response Team.
Dr Cesare did caveat his discovery, however, by claiming it’s not as straightforward as it seems.
Dr Cesare added that the hacker would
need to pick up the car's unique unlock code by 'eavesdropping' on the
frequency before being able to attack it
For example, the hacker would need to pick up the car's unique unlock code by 'eavesdropping' on the frequency.
But,
he noticed the code in his experiment could be used multiple times
before it stopped working, so this eavesdropping could occur well in
advance of the attack.
This is the latest hack that exposes weaknesses in the technology being fitted to modern-day cars.
In February, hackers demonstrated a homemade devices called the CAN Hacking Tool (CHT).
The
device can be fitted to any car's Controller Area Network 'within
minutes' and run malicious code through the vehicle's system.
Once hackers take hold of this network they can control lights, locks, steering and even brakes - and it costs just $20 (£12).
Many cars come with built-in software that run on an operating system in a similar way to phones and computers.
The CAN Hacking Tool (CHT) has four wires that are attached to the different outputs of a car's Controller Area Network.
A
60p ($1) computer chip is used to bypass any encryption on the car
before reading and writing data from the flash memory of the vehicle's
engine control unit.
In February, Spanish security researchers
created the $20 (£12) CAN Hacking Tool (CHT) (pictured) - a device that
can be fitted to any car's Controller Area Network 'within minutes' and
run malicious code through the vehicle's system. Once hackers take hold
of this network they control lights, locks, steering and brakes
Hacking tools can be attached to a car's
Controller Area Network (CAN), pictured. This diagram shows the
electronic layout of a typical car and the features controlled by the
CAN are shown along the black lines including lights, climate, seats,
heating and locks
The gadget is smaller than an iPhone, meaning it sits in the palm of the hacker's hand, and can be controlled remotely.
Hackers
can use any command they want to program an action via the CHT, and
this includes disabling the brakes, deploying the airbag, locking the
doors and enabling the alarm.
0 comments:
Post a Comment