Tom Wimmenhove, a Dutch electronics designer, has discovered a flaw in the key fob system used by several Subaru models, a vulnerability the vendor has not patched and could be abused to hijack cars.
The issue is that key fobs for some Subaru cars use sequential codes for locking and unlocking the vehicle, and other operations.
These codes — called rolling codes or hopping code — should be random, in order to avoid situations when an attacker discovers their sequence and uses the flaw to hijack cars.
Car thieves can create duplicate, fully-working key fobs
Wimmenhove discovered the problem by sniffing the radio signals sent out by his own car’s key fob, which is nothing more than a short-range radio transmitter.
The electronics expert quickly realized that he could “clone” the key fob and create a fully-working, unauthorized duplicate.
“By receiving a single packet from