Tom Wimmenhove, a Dutch electronics designer, has discovered a flaw in the key fob system used by several Subaru models, a vulnerability the vendor has not patched and could be abused to hijack cars. The issue is that key fobs for some Subaru cars use sequential codes for locking and unlocking the vehicle, and other operations. These codes — called rolling codes or hopping code — should be random, in order to avoid situations when an attacker discovers their sequence and uses the flaw to hijack cars. This is exactly what Wimmenhove did. He created a device that sniffs the code, computes the next rolling code and uses it to unlock cars…
The researcher said he reached out to Subaru about his findings. “I did [reach out]. I told them about the vulnerability and shared my code with them,” Wimmenhove told BleepingComputer. “They referred me to their ‘partnership’ page and asked me to fill in a questionnaire. It didn’t seem like they really cared and I haven’t heard back from them.”
That’s a pity. I guess they didn’t see this as something to be concerned about. I bet that once people read the story above and see the video below demonstrating the pwnage, they might change their tune:
Here’s the kicker, the pwnage was accomplished using a $25 Raspberry Pi B+ and two dongles, one for wifi ($2) and one for a TV ($8), plus a $1 antenna and a $1 MCX-to-SMA convertor. In other words, $37 of hardware was used to pull this off. Subaru really needs to step up and disclose how they are going to protect owners from this. And they need to do it quickly.
This entry was posted on October 16, 2017 at 8:01 am and is filed under Commentary with tags Subaru. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Subaru Cars Can Be Easily Pwned Via $37 Of Hardware
If you own a Subaru, you might want to read this as there is an unpatched exploit that is now out there that makes it very easy to clone key fobs and open cars:
Tom Wimmenhove, a Dutch electronics designer, has discovered a flaw in the key fob system used by several Subaru models, a vulnerability the vendor has not patched and could be abused to hijack cars. The issue is that key fobs for some Subaru cars use sequential codes for locking and unlocking the vehicle, and other operations. These codes — called rolling codes or hopping code — should be random, in order to avoid situations when an attacker discovers their sequence and uses the flaw to hijack cars. This is exactly what Wimmenhove did. He created a device that sniffs the code, computes the next rolling code and uses it to unlock cars…
The researcher said he reached out to Subaru about his findings. “I did [reach out]. I told them about the vulnerability and shared my code with them,” Wimmenhove told BleepingComputer. “They referred me to their ‘partnership’ page and asked me to fill in a questionnaire. It didn’t seem like they really cared and I haven’t heard back from them.”
That’s a pity. I guess they didn’t see this as something to be concerned about. I bet that once people read the story above and see the video below demonstrating the pwnage, they might change their tune:
Here’s the kicker, the pwnage was accomplished using a $25 Raspberry Pi B+ and two dongles, one for wifi ($2) and one for a TV ($8), plus a $1 antenna and a $1 MCX-to-SMA convertor. In other words, $37 of hardware was used to pull this off. Subaru really needs to step up and disclose how they are going to protect owners from this. And they need to do it quickly.
Share this:
Like this:
Related
This entry was posted on October 16, 2017 at 8:01 am and is filed under Commentary with tags Subaru. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.