Hackers Reveal How To Remotely Start A Range Of Different Honda Models

Technology / 5 Comments

This is something the carmaker will have to look into immediately.

Security researchers have found a huge problem with Honda's keyless entry system. It could allow hackers to unlock and start all Honda vehicles on the market today, including the Honda Civic. The software is called a 'Rolling-Pwn' attack and was discovered by Star-V Lab researchers Wesley Li and Kevin2600. Effectively, the hack exploits Honda's keyless entry system to start the car. It does so by transmitting the proper authentication codes between the car and the key fob.

We've seen this before with Honda. And earlier this year a 19-year-old hacked 25 Teslas from all over the world. The F-150 Lightning was, up until recently, extremely vulnerable to Bluetooth hacks. Some have even used it as an anti-Putin propaganda tool.

2013-2015 Honda Accord Sedan Key Fob Honda
2022 Honda Civic Si Front Angle View CarBuzz
2022 Honda Civic Hatchback Spy shots Rear Perspective Driving Honda
Forward View CarBuzz

Star-V notes this kind of attack can be prevented by a car's rolling-codes mechanism. That's a system that is designed to prevent reply attacks (a type of hack) by providing a new code for each authentication attempt by a remote key fob. Evidently, it does not do that properly.

The attack "eavesdrops" on a paired keyfob, capturing codes sent by the fob. Then, the attacker can replay a sequence of valid codes and re-sync the car's Pseudorandom Number Generator (PRNG). As a result, a hacker can use codes from earlier that otherwise wouldn't work. These systems are secure because they almost never use the same code twice (as a result of the PRNG). With the hack, not only will the system take an old code, but it'll use it to start the car.

Honda
2017-2019 Civic Si Coupe Driving Back View Honda
2022 Honda Civic Si Rear Angle View CarBuzz
Rearward Vision CarBuzz

As of now, the hack has been tested on a wealth of Honda models. The Honda Civic from 2012, a 2020 Accord, and a 2022 Fit were all successfully hacked. Reportedly, the hack also allows you to drive the vehicle as if the key is inside. Right now, it's unclear whether that means the car can then keep driving without the key.

For now, Honda has not issued a public statement regarding the hack. Should Honda classify it as a legitimate threat, a recall will likely have to be issued. Given the breadth of models covered, this hack could also necessitate an entirely new build for Honda's keyless entry systems- a very, very expensive proposition.

2022 Honda Civic Hatchback Spy shots Forward Vision CarBuzz
2022 Honda Civic Hatchback Spy shots View Out Back CarBuzz
2022 Honda Civic Hatchback Spy shots Rear Passenger Seats CarBuzz
2022 Honda Civic Hatchback Spy shots Steering Wheel Design CarBuzz
Source Credits: Star-V Lab

Join The Discussion

Gallery

2022 Honda Civic Si Side View
2022 Honda Civic Hatchback Spy shots Driving Front Angle
2013-2015 Honda Accord Sedan Key Fob
2022 Honda Civic Si Front Angle View
2022 Honda Civic Si Rear Angle View
14
Photos

Related Cars

Back
To Top