Volkswagen Hide A Big Security Flaw For The Past Two Years

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Researchers just revealed that technology used in 126 types of cars makes them easier to steal, and that Volkswagen went to court two years ago to keep their discovery a secret,says CNN.

Security researchers have now discovered a similar vulnerability in keyless vehicles made by several car companies. The weakness – which affects the Radio-Frequency Identification (RFID) transponder chip used in immobilizers – was discovered in 2012, but car companies sued the researchers to prevent them from publishing their findings.

Three European computer scientists who knew about this flaw warned them before but Volkswagen used its lawyers to keep the research under wraps until now.

The list of affected cars included several models made by Audi, Fiat, Honda, Kia, Volkswagen, Volvo and many others. They all rely on chips made by EM Microelectronic in Switzerland.

Below is an image obtained by the Bloomberg staff, which details all the car manufacturers that have Megamos Crypto immobilizer transponders installed in their vehicles, along with the affected models. Cars in bold are the ones on which the security researchers tested their paper.

volkswagen-sued-researchers-for-2-years-to-prevent-them-from-publishing-a-security-flaw-489347-3

 

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

One thought on “Volkswagen Hide A Big Security Flaw For The Past Two Years

  • September 8, 2015 at 2:58 pm
    Permalink

    So, now we can all sue Volkswagen for using their lawyers to seel us something insecure instead of focusing on reserach to fix the bug. Way to go volkswagen, i really don’t want ot be one ogf your jobless lawyers today.

    Reply

Leave a Reply