A major security concern on some of Honda’s most popular models could be exposed by using a wireless radio.
The hack, which was published by TechRadar this week found that the Honda models Accord, Civic, C-RV and X-RV released over the last ten years could all be vulnerable to the security lapse.
Researchers at security experts Star-V Lab say the hack could allow potential thieves to unlock the vehicle and even start the engine. Ironically the flaw exploits a system which is employed to stop keyfob relay attacks which many vehicles are vulnerable to.
While the technology known as rolling codes opens up Honda owners to having their cars and possessions within it under threat, the Japanese company have denied that cars can be driven away using the hack.
The Star-V Lab team posted a blog post, naming the the hack ‘Rolling-PWN’, saying that the ‘bug is a serious vulnerability. We found it in a vulnerable version of the rolling codes mechanism, which is implemented in huge amounts of Honda vehicles.’
With the threat of this new hack going global and even potentially affecting other models and brands, Honda initially denied the flaw, but later admitted that it was a sophisticated method for entering vehicles.
“We can confirm researcher claims that it is possible to employ sophisticated tools and technical know-how to mimic Remote Keyless commands and gain access to certain vehicles or ours," Honda said. "However, while it is technically possible, we want to reassure our customers that this particular kind of attack, which requires continuous close-proximity signal capture of multiple sequential RF transmissions, cannot be used to drive the vehicle away. Furthermore, Honda regularly improves security features as new models are introduced that would thwart this and similar approaches.”