This Week In Security: Ransomware Decryption, OpenSSL, And USBGadget Spoofing

We’ve covered a lot of ransomware here, but we haven’t spent a lot of time looking at the decryptor tools available to victims. When ransomware gangs give up, or change names, some of them release a decryption tool for victims who haven’t paid. It’s not really a good idea to run one of those decryptors, though. The publishers don’t have a great track record for taking care of your data, after all. When a decryptor does get released, and is verified to work, security researchers will reverse engineer the tool, and release a known-good decryption program.

The good folks at No More Ransom are leading the charge, building such tools, and hosting a collection of them. They also offer Crypto Sheriff, a tool to identify which ransomware strain got your files. Upload a couple encrypted files, and it will inform you exactly what you’re dealing with, and whether there is a decryptor available. The site is a cooperation between the Dutch police, Interpol, Kaspersky, and McAfee. It may surprise you to know that they recommend reporting every ransomware case to the authorities. I can confirm that at the very least, the FBI in the US are very interested in keeping track of the various ransomware attacks — I’ve fielded a surprise call from an agent following up on an infection.

OpenSSL

The OpenSSL project has fixed a pair of vulnerabilities, CVE-2021-3711 and CVE-2021-3712 with release 1.1.11l. The first is a possible buffer overflow caused by a naive length calculation function. A “fixed” length header is actually dynamic, so a carefully crafted plaintext can overflow the allocated buffer. Continue reading “This Week In Security: Ransomware Decryption, OpenSSL, And USBGadget Spoofing”

Hacker Claims Honda And Acura Vehicles Vulnerable To Simple Replay Attack

Keyless entry has become a standard feature on virtually all cars, where once it was a luxury option. However, it’s also changed the way that thieves approach the process of breaking into a car. After recent research, [HackingIntoYourHeart] claims that many modern Honda and Acura vehicles can be accessed with a simple replay attack using cheap hardware. 

It’s a bold claim, and one that we’d love to see confirmed by a third party. The crux of the allegations are that simply recording signals from a Honda or Acura keyfob is enough to compromise the vehicle. Reportedly, no rolling code system is implemented and commands can easily be replayed.

Given these commands control features like unlocking the doors, opening the trunk, and even remote starting the vehicle, it’s a concerning situation. However, it’s also somewhat surprising. Rolling code technology has been around for decades, and makes basic replay attacks more difficult. Range extender attacks that target keyfobs sitting inside homes or gas stations are more common these days.

Whether Honda has made a security faux pas, or if there’s something more at play here, remains to be seen. If you’ve got more information, or have been able to recreate the same hack on your own Honda, be sure to let us know. 

Custom Keyfob Fixes Mazda Design Mistake

While Mazda has made some incredible advances in fuel efficient gasoline engines over the past few years, their design group seems to have fallen asleep at the wheel in the meantime, specifically in regards to the modern keyfob design. The enormous size and buttons on the side rather than the face are contrary to what most people need in a keyfob: small size and buttons that don’t accidentally get pressed. Luckily, though, the PCB can be modified with some effort.

This particular keyfob has a relatively simple two-layer design which makes it easy to see where the connections are made. [Hack ‘n’ Tink] did not need the panic button or status LED which allowed him to simply cut away a section of the PCB, but changing the button layout was a little trickier. For that, buttons were soldered to existing leads on the face of the board using 30-gage magnet wire and silicone RTV. From there he simply needed to place the battery in its new location and 3D print the new enclosure.

The end result is a much smaller form factor keyfob with face buttons that are less likely to accidentally get pressed in a pocket. He also made sure that the battery and button relocation wouldn’t impact the antenna performance. It’s a much-needed improvement to a small but crucial part of the car; the only surprise is that a company that’s usually on point with technology and design would flop so badly on such a critical component.

Thanks to [Brian] for the tip!

Continue reading “Custom Keyfob Fixes Mazda Design Mistake”

Lock Your Keys In The Car On Purpose With Aluminum Foil

[TJ] is a surfer, and drives his car to get to the beach. But when he gets there he’s faced with a dilemma that most surfers have: either put his key in your baggies (shorts) or wetsuit and hope it doesn’t get lost during a wipeout, or stash it on the rear wheel of his car. Hiding the keyfob by the car isn’t an option because it can open the car doors just by being in proximity to the car. He didn’t want to risk losing it to the ocean either, so he built a waveguide of sorts for his key out of aluminum foil that lets him lock the key in the car without locking himself out.

Over a series of trials, [TJ] found out that his car, a 2017 Chevy Cruze, has a series of sensors in it which can determine the location of the keyfob based on triangulation. If it thinks the keyfob is outside of the car, it allows the door to be locked or unlocked with a button on the door handle. If the keyfob is inside the car, though, it prevents the car from locking via the door handles so you don’t accidentally lock yourself out. He found out that he could “focus” the signals of the specific sensors that make the car think the keyfob is outside by building an open Faraday cage.

The only problem now is that while the doors can be locked, they could also can be unlocked. To solve that problem he rigged up an ESP32 to a servo to open and close the opening in the Faraday cage. This still means there’s a hidden device used to activate the ESP32, but odds are that it’s a cheaper device to replace than a modern car key and improves security “through obscurity“. If you have any ideas for improving [TJ]’s build, though, leave them in the comments below. Surfers across the world from [TJ] to the author would be appreciative.

The Great Ohio Key Fob Mystery, Or “Honey, I Jammed The Neighborhood!”

Hack long enough and hard enough, and it’s a pretty safe bet that you’ll eventually cause unintentional RF emissions. Most of us will likely have our regulatory transgression go unnoticed. But for one unlucky hacker in Ohio, a simple project ended up with a knock at the door by local authorities and pointed questions to determine why key fobs and garage door remotes in his neighborhood and beyond had suddenly been rendered useless, and why his house seemed to be at the center of the disturbance.

Few of us want this level of scrutiny for our projects, so let’s take a more in-depth look at the Great Ohio Key Fob Mystery, along with a look at the Federal Communications Commission regulations that govern what you can and cannot do on the airwaves. As it turns out, it’s easy to break the law, and it’s easy to get caught.

Continue reading “The Great Ohio Key Fob Mystery, Or “Honey, I Jammed The Neighborhood!””

3D Print A Thinner Car Key

Almost all modern cars come with keyless entry, some even come with keyless start. Of course, the price you pay for this technology is a bulky plastic keyfob that is an absolute pain to remove from your pockets, and generally spoils the lines of your carefully chosen outfit. [Jeremy] decided enough was enough.

The project begins with a careful disassembly of the original key. This is important to avoid damaging the PCB inside, particularly if there are any delicate wire links between different sections of the keyfob. With the piece disassembled, it was then time to start designing a replacement encasement to hasten escapement while pacing the pavement.

The 3D printer really is the perfect tool for the job here, and [Jeremy] employs it well. With this being a proximity-based keyfob, the buttons are only necessary if you want to operate the locks at a distance. They simply took up too much vertical space, so they had to go. In the end, with a redesigned housing for the PCB, and while retaining the backup mechanical key, the new fob is just 11mm, down from 18mm – a nearly 40% saving in thickness!

It’s a tidy way to clean up your pockets and make life easier. We’ve seen similar work before, too.

Slimline Proximity Fob Makes Life Easier

Modern cars these days tend to come with proximity keys, which allow the driver to unlock and start the vehicle without having to remove the key from one’s pocket. While this is a great usability upgrade, for some reason key fobs continue to be bulky plastic monstrosities that when stuffed into a pocket can easily ruin the lines of a well-chosen outfit. This wasn’t good enough so [Patrick] decided to sort it out.

Starting with a Prius key, the first step was to disassemble the already broken key fob and separate out the PCB from the case and battery holder. With those removed, a coin cell was soldered to some wires connected to the PCB. As a substitute for the original case, a plastic card was cut up and the PCB inserted within, allowing the setup to fit neatly in a wallet’s card pocket. Lashings of tape bring the project home.

Unsurprisingly, it works, and works well. It raises the question why key fobs are so large and ungainly, taking up so much precious pocket space. We’d love to see even slimmer takes on this with 3D printed enclosures or even completely redesigned PCBs. Give it a go, and hit up the tip line. Else, check out how key fobs are routinely hacked to steal cars.