European researchers have uncovered a vulnerability in the keyless entry systems of Volkswagen Group vehicles built over the past 20 years, making them susceptible to theft.
A research paper published by electronic security experts at the University of Birmingham outlines the ease which with researchers were able to ‘eavesdrop’ on the electronic unlock signal from Volkswagen Group keyfobs, and replicate the signal to gain access to vehicles.
The vulnerability affects vehicles from as far back as 1995 and up to as recently as 2016 models, including vehicles from Volkswagen, Skoda, Seat and Audi.
Volkswagen was quick to hose down speculation that its latest generation of vehicles aren’t affected by the theft risk releasing a statement explaining that "this current vehicle generation [including the MQB platform] is not afflicted by the problems described".
Because those security systems were supplied to Volkswagen via a parts supplier, and not developed in-house, the report also opens up the possibility of other manufacturers sharing the same theft risk, however the report does not go into specifics of the parts supplier nor the susceptibility of other brands.
The results of the report were shared with Volkswagen ahead of its publication, and key details that could be used by thieves to easily gain access to affected vehicles had been removed from the final draft of the report.
The report also suggests reverting to manual locking and unlocking of vehicles with remote entry to prevent broadcasting a security signal that can be copied. For vehicles with keyless access (where entry can be gained whenever a key is in close proximity to the vehicle) the signal is broadcast constantly, and the vehicle is potentially more difficult to secure.