Any car owner with a keyless entry and ignition system, be warned: Chinese security researchers have proven that with equipment costing about $25, hackers could easily open car doors remotely from up to 1,000 feet away, start the cars' engines and drive away.
Researchers from security firm Qihoo 360 demonstrated their ability to capture a radio signal from a driver's key fob at the Hack in the Box Security Conference in Amsterdam last month, reports automotive news site Paultan.org.
The researchers, calling themselves UnicornTeam, played a video showing that the captured radio signal could be relayed remotely to someone waiting at the car. The car's driver parks outside a cafe, locks the car, and walks inside.
One accomplice follows the driver in, holding a radio device about the size of a walkie-talkie. The other accomplice, outside and holding a similar device, opens the car's door, gets in, starts the engine and drives off.
The car involved appears to be a late-model Chevrolet Captiva SUV. Like many modern cars, new Chevys have keyless ignition, meaning that anyone holding a device transmitting the right radio signal can open the trunk, open the door and start the car without ever inserting a key. According to the researchers, this particular model will not shut off the engine once it is out of range of the key fob.
The ability to hack into keyless cars has been demonstrated before, but only at a distance of 300 feet, leaving criminals more vulnerable to being caught. The Unicorn Team said they rebroadcast the signal between their devices at a lower frequency, which gave them a range of 1,000 feet.
The researchers' presentation slides have been posted on the Hack in the Box website.