Researchers from Belgium's KU Leuven and the University of Birmingham revealed this week that the encryption used by certain car immobilisers is vulnerable, and that their radio-based unlocking systems can be disabled by hackers.
The researchers developed their technique by purchasing a collection of immobilisers' electronic control units from eBay and reverse-engineering the firmware to see how they communicated with various key fobs.
"You're downgrading the security to what it was in the '80s", University of Birmingham computer science professor Flavio Garcia said.
Vehicles that use a Texas Instruments encryption system called DST80 are the most at risk. By holding an ordinary Proxmark RFID reader/transmitter near the key fob of any car using DST80, a hacker can read enough information to make the same Proxmark device impersonate the key inside the car, disabling the immobiliser and starting the engine.
The Texas Instruments DST80 authentication scheme was often easy to identify, and the problem turned out to lie in how the carmakers had implemented it.
The Toyota fobs' cryptographic key was derived from their serial number, and the fobs transmitted that serial number to any RFID reader that scanned them.
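Added illustration, not code from the researchers' paper and not the real DST80 cipher: a toy challenge-response immobiliser whose fob key is either derived from the public serial, as the Toyota fobs' key was, or diversified under a secret master key. The check shows that reading the serial is enough to satisfy the car only in the first design. The function names, the HMAC-based toy cipher, the 80-bit key length and the sample serial are all assumptions.

```python
import hashlib
import hmac
import os

# Constructed toy model, not the real DST80 cipher or Toyota's key schedule.
# The car challenges the fob; the fob answers with a MAC under its secret key.
# The question is how that key was provisioned from the fob's serial number.

MASTER_KEY = os.urandom(16)  # stays with the carmaker's provisioning system


def key_from_public_serial(serial: bytes) -> bytes:
    """Flawed scheme: the key is a fixed, public function of the serial number,
    and the fob hands that serial to any reader that scans it."""
    return hashlib.sha256(b"fob-key:" + serial).digest()[:10]  # 80-bit key


def key_diversified(serial: bytes) -> bytes:
    """Sound scheme: key = MAC(master, serial). Reading the serial tells an
    observer nothing about the key unless the master key also leaks."""
    return hmac.new(MASTER_KEY, serial, hashlib.sha256).digest()[:10]


def fob_response(key: bytes, challenge: bytes) -> bytes:
    """The fob's answer to an immobiliser challenge."""
    return hmac.new(key, challenge, hashlib.sha256).digest()[:8]


def car_accepts(car_key: bytes, challenge: bytes, response: bytes) -> bool:
    """The immobiliser recomputes the expected answer with its stored key."""
    return hmac.compare_digest(fob_response(car_key, challenge), response)


def serial_alone_suffices(car_key: bytes, serial: bytes) -> bool:
    """Risk check for a provisioning design: could a device that has only
    seen the fob's serial (the public value) pass the car's challenge?"""
    guessed_key = key_from_public_serial(serial)  # needs no secret to compute
    challenge = os.urandom(8)
    return car_accepts(car_key, challenge, fob_response(guessed_key, challenge))


if __name__ == "__main__":
    serial = b"\x12\x34\x56\x78"  # constructed fob serial number
    print("public-serial key, clone passes:",
          serial_alone_suffices(key_from_public_serial(serial), serial))
    print("diversified key,   clone passes:",
          serial_alone_suffices(key_diversified(serial), serial))
```

The design review point is the second result: with a diversified key, a serial read off the fob is worthless on its own, which is the property a fob key schedule needs.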
According to the researchers, the cars vulnerable to the hack include the Toyota Camry, Corolla, and RAV4; the Kia Optima, Soul, and Rio; and the Hyundai I10, I20, and I40.
Toyota has confirmed the validity of the findings but said that the technique is likely not as easy to pull off as the "relay" attacks that thieves have often used to seize luxury cars and SUVs, in which radio devices placed within range of a key fob are used to open and start a victim's vehicle.
"The described vulnerability applies to older models, as current models have a different configuration", Toyota said in a statement.
"This vulnerability constitutes a low risk for customers, as the methodology requires both access to the physical key and to a highly specialized device that is not commonly available on the market", they added.
The cloning tactic the researchers discovered requires an attacker to scan a key fob with an RFID reader from a short distance. Hackers must also find a way to turn the ignition, as the process only defeats the immobiliser, not the keyless entry system.
The researchers said that they left key parts of the technique out of their research paper to prevent it from being replicated by potential hackers.
With the exception of Tesla, the researchers say, none of the affected cars could fix the flaw with a software patch downloaded directly to the car, and in some cases the key fobs may have to be replaced entirely.