Up next in 10
Car hacked with a button?! Key fobs are at risk! A new hack clones key fobs using readily available tools. Is your car vulnerable? "I can sit in a parking lot and wait...I get all their fob buttons." #carsecurity #keyfobhack #cardefect #cybersecurity #techvulnerability
Show More Show Less View Video Transcript
0:00
Forget the slim gym or smash and grab.
0:02
There's a new way for criminals to break
0:04
into your car. And all it takes is the
0:06
push of a button. It turns out your key
0:09
fob is putting your car at risk.
0:12
[Music]
0:14
Take a look at this. Hackers can
0:15
intercept and clone a key fob's radio
0:18
signal using custom firmware built for
0:20
the Flipper Zero. Now, the Flipper Zero
0:23
is a legal handheld device that can scan
0:25
wireless signals. The company is not
0:27
behind the firmware being used to break
0:29
into cars. That's apparently the work of
0:31
a Russian hacker. Online ads for the
0:34
firmware list it for sale for as high as
0:36
$1,000. One hacker told Straight Air
0:38
News, "I can sit in a parking lot and
0:40
wait for someone to lock their car and
0:42
immediately I get all their fob
0:44
buttons." The hacker tool bypasses a
0:47
security measure for key fobs known as
0:48
rolling codes. So, a single click of the
0:51
button from a rightful car owner, even
0:53
to pop the trunk, grants the hacker full
0:55
access to enter the car at any time.
0:58
That's what makes this tool stand out
1:00
from other efforts to clone key fobs.
1:02
Starting the engine is another story.
1:04
Now, SANS tech reporter Miky Thailen got
1:06
his hands on this firmware and used it
1:08
to break into cars with permission, of
1:10
course. Me Kyle, we're going to talk
1:12
about which car brands are the most
1:14
vulnerable. But first, what's new about
1:16
this hacking technology that makes it
1:18
harder for those car companies to defend
1:20
against?
1:21
Yeah. So, as you noted, rolling codes
1:23
are supposed to protect against this
1:25
kind of attack. And so, traditionally,
1:27
if someone wanted to clone your key fob,
1:29
not only would they need to intercept
1:30
that unlock signal, but they'd actually
1:32
have to use a signal jammer to stop that
1:34
signal that you sent from reaching your
1:35
car. Because once it reaches your car,
1:37
it's no longer valid. as every time you
1:39
unlock the car, a new rolling code uh
1:42
comes into play. So, this new attack,
1:44
all it needs to do is intercept a single
1:47
code, even if it's to pop your trunk and
1:49
even if it reaches the car, it can then
1:51
gain access to your entire fob. So, just
1:53
with that one captured signal, it can
1:55
decode your unlock, your lock, and your
1:57
uh trunk popping open. And so, this can
1:59
be used at a later time.
2:01
And we have that video that shows you
2:03
doing just that using this technology.
2:06
uh with the technology, the firmware
2:08
designer even tells the buyers what
2:10
brands and models they can hack, which
2:12
cars are the most vulnerable.
2:15
Yeah. So, when you obtain the firmware,
2:17
it comes with actually a list of the
2:18
vehicles that are affected. And so, that
2:20
includes Chrysler, Dodge, Ford, Hyundai,
2:23
Jeep, and Kia. And so, it lists many
2:26
models. And there's also high-end
2:27
vehicles like Ferrari listed on there.
2:29
And it's also entirely possible that
2:31
there are models out there that are
2:32
vulnerable that just haven't been tested
2:33
yet. And I actually reached out to
2:35
several of these car manufacturers to
2:37
ask if they were aware of it. And the
2:38
only one to get back to me was Kia of
2:40
America who said that they are not aware
2:42
of the situation, therefore have no
2:44
comment to offer.
2:46
Okay. Given that, do you think that this
2:48
is so new and it's going to become more
2:50
prevalent?
2:51
Yeah, I did speak with a prominent
2:53
hacker who has concerns that this tool
2:55
will eventually make its way to the
2:56
masses. At the moment, the hacker is
2:58
selling it for $1,000 online, and he
3:00
actually has a serial lock on it that's
3:02
intended to keep it from getting into
3:04
the hands of people who didn't purchase
3:05
it. But other hackers that I spoke with
3:07
obtained the tool and actually removed
3:08
that serial lock. So now they have a
3:10
copy that is being spread around among
3:12
security researchers. So it's very
3:14
likely that eventually it will reach
3:16
everyday people. One of the things that
3:18
stood out to me in your story, and our
3:20
viewers can read the entire story at
3:22
sen.com or our app, uh, but one of those
3:25
things was that a security researcher
3:27
said, "There's really not much that we
3:28
can do to protect ourselves beyond not
3:31
using the fob."
3:34
Yeah. I mean, really, the only thing you
3:35
could do to protect against this attack
3:36
is use a physical key. Or, let's say, if
3:38
you're getting out of your vehicle,
3:40
maybe locking the vehicle from inside
3:41
with a physical button. But, of course,
3:43
the problem is is that many modern
3:44
vehicles don't even use physical keys
3:46
anymore. or they rely entirely on fobs.
3:48
So, there's not much that can be done.
3:50
And, you know, in order for car
3:51
companies to fix this issue, they'd have
3:52
to uh, you know, recall potentially
3:56
millions of key fobs and uh, place new
3:58
software on it, which is very unlikely
4:00
to happen. So,
4:02
yeah. Mele Thailen, Sanstech Reporter.
4:04
You can read his entire story at sen.com
4:06
or the San app. Appreciate you breaking
4:08
this down for us.
4:10
[Music]
#Autos & Vehicles
#Hacking & Cracking
#Technology News