In nearly all Honda models, hackers were able to open the doors and start the car remotely. A remote keyless entry system is often fitted to modern vehicles, allowing for effortless access to the vehicle.
A remote keyless entry system allows the vehicle to be unlocked or started remotely through a mobile device. Recently, Kevin2600, a security professional, conducted a test to assess the level of resistance to an RKE system that is in use today.
Based on the results of this analysis, it was discovered that all Honda vehicles that have been manufactured between the years 2012 and 2022 have a Rolling-PWN attack vulnerability.
This vulnerability could be exploited by any hacker from afar to open the car door permanently or, in the worst-case scenario, even start the engine of the car as well.
A software-defined radio allows an attacker to capture the code that the car owner uses to unlock the vehicle by exploiting a vulnerability in software-defined radios.
The hacker would then be able to open the car as well by replaying the process. As far as 30 meters can be observed in some cases, it is possible to perform the attack from that distance.
Kevin2600 and his co-workers broke into Honda models using a method known as rolling code in order to get the code to work. As a result, every time the keyfob is used, a different code will be sent to the car, which in turn will be used to unlock it.
Ideally, this would prevent the code from being captured and reused in the future. A flaw has been found, however, which allows the researchers to revert the code to an older version, and then open the car by reusing the older code.
In order to test the attack on different Honda models, Kevin2600 headed to a Honda dealership with his colleagues. There were 10 Honda models that were found to be vulnerable during the visit.
It is for this reason that they believe that the attack will be able to affect all Honda models produced between 2012 and 2022.
Here below we have mentioned all the tested vulnerable Honda models:-
In the past few months, there have been many attacks on modern cars and other targets aimed at unlocking them. It would be fair to conclude that attacks such as these are now one of the most common forms of attacks that are being conducted.
Moreover, there is no way to tell if somebody is attempting to exploit the flaw in your car as it leaves no traces, and there is no way to tell if they have been successful.
Apart from this, it’s recommended that owners could take their car to the local Honda dealership or else patch the keyfob’s vulnerable firmware. to fix the issue.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
Penetration testing companies play a vital role in strengthening the cybersecurity defenses of organizations by…
Cybersecurity researchers continue to track sophisticated "Click Fix" style distribution campaigns that deliver the notorious…
In a novel and concerning development, multiple U.S. organizations have reported receiving suspicious physical letters…
The cybersecurity landscape has recently been impacted by the emergence of the Strela Stealer malware,…
A recent discovery by the Socket Research Team has unveiled a malicious PyPI package named…
A recent cybersecurity threat has emerged where unknown attackers are exploiting a critical remote code…