Tom Wimmenhove, a Dutch electronics designer, has discovered a flaw in the key fob system used by several Subaru models, a vulnerability the vendor has not patched and could be abused to hijack cars.
The issue is that key fobs for some Subaru cars use sequential codes for locking and unlocking the vehicle, and other operations.
These codes — called rolling codes or hopping code — should be random, in order to avoid situations when an attacker discovers their sequence and uses the flaw to hijack cars.
Car thieves can create duplicate, fully-working key fobs
Wimmenhove discovered the problem by sniffing the radio signals sent out by his own car’s key fob, which is nothing more than a short-range radio transmitter.
The electronics expert quickly realized that he could “clone” the key fob and create a fully-working, unauthorized duplicate.
“By receiving a single packet from
Read more at: https://www.bleepingcomputer.com/news/security/unpatched-exploit-lets-you-clone-key-fobs-and-open-subaru-cars/
A fourth ransomware campaign focused on Ukraine has surfaced today, following some of the patterns seen in past ransomware campaigns that have been aimed at the country, such as XData, PScrypt, and the infamous NotPetya.
The ransomware was discovered today by a security researcher who goes online only by the name of MalwareHunter.
The researcher says the ransomware got his attention because mostly Ukrainian victims were submitting samples for analysis on VirusTotal.
In the past month and a half, Ukraine has been bombarded with ransomware campaigns. The first was XData (mid-May), the second was PSCrypt (last week), and then NotPetya (started on Tuesday).
According to the researcher, this fourth ransomware campaign started on Monday, one day before NotPetya, and piqued his interest because of several reasons.
M.E.Doc servers appear to have distributed another ransomware
The one clue that stood out was
Read more at: https://www.bleepingcomputer.com/news/security/ransomware-attacks-continue-in-ukraine-with-mysterious-wannacry-clone/