Toyota, Hyundai and Kia cars are at risk of hacking and theft

Confrontation of car safetymodern car makers continues to increase momentum. Skillful robbers are increasingly resorting to high-tech methods of car theft using both sophisticated methods for creating a clone of keys with radio control, and using simple means at hand.

Belgian cyber expertssecurity from KU Leuven and English researchers from the University of Birmingham have identified a new danger to car owners. Using vulnerabilities in the encoding system, auto-makers can easily crack modern immobilizers using the Texas Instruments-DST80 encryption system. Such systems are installed in Toyota, Hyundai and Kia cars.

Hackeryou will need an RFID Proxmark device that can read information from the immobilizer. Further, the hacker will be able to start the engine of the selected car without any problems. It is noteworthy that Tesla S was also included in the list of cars at risk, but the company quickly released an update to neutralize the efforts of hackers.

Automakers commented on thisvulnerability, saying that this situation is no longer relevant and applies to cars that are sold outside the United States. However, the most important reason for the irrelevance of this vulnerability is the need to find a hacking device almost in the immediate vicinity of the immobilizer, at a distance of no more than 50 mm.

However, experts who identified the vulnerability consider it more dangerous than manufacturers think about it. Experts think that a new problem returns the security system in the 80s of the last century.

Analysis of cryptographic protection of individualautomakers also revealed numerous flaws. So the Toyota Fobs key open source passed the serial number, which is scanned by the RFID reader. For keys from Kia and Hyundai, 24-bit encryption is used, instead of the proposed 80-bit DST80. Such shortcomings lead to reduced safety for car owners.

Source: wired