RollJam, a $30 device to unlock the majority of car doors

RollJam is a $30 device designed to exploit a design flaw in the protocol that determines how keys communicate with car and unlock the majority of car doors.

The recent hacks of the Jeep Cherokee and the security patch issued by Tesla for its model S have raised the discussion on the car hacking.

Now, security experts have revealed a new type of car hack that could allow an attacker to unlock almost every car or garage door. The researchers presented RollJam, a cheap device composed of a microcontroller and a battery. RollJam is capable to unlock any car or garage door, it is easy to use and costs under $30.

RollJam exploits security vulnerabilities in the wireless unlocking technology that is currently implemented by the majority of car manufacturers.

Keyless entry systems allow car owners to unlock the vehicle remotely within a range of 20 metres.

RollJam was designed to steal the secret codes, also known as Rolling Code, that is generated by Keyless entry systems when the car owner presses the unlock or lock button on his wireless key. The Rolling code is a one-time code randomly generated and sent over a radio frequency to the car when the car owner presses the button of its key fob.

When the Rolling code is used the car generates a new one to use for the next time.

How does RollJam work?

The principle is simple, when the car owner presses the key fob to unlock the car, RollJam used its radio frequency to block the signal and then records it.

The car will never receive the code and the car owner likely will press the button again. When the button is pressed the second time, the RollJam again jams the signal and record also this second code, meantime it reply to the challenge mechanism by providing the first code it intercepted, unlocking the car.

When the victim parks the vehicle in his/her car, you can use that stolen signal to unlock the car. “Because I jammed two signals,” Kamkar said, “I still have one that I can use in the future.

Who is behind RollJam?

Of course one of the most talented hackers, Samy Kamkar, which invented numerous hacks in the past like the Combo BreakerOpenSesame and KeySweeper.

As confirmed by the notorious hacker, the RollJam works on several carshe discovered that the attack works against widely adopted chips, including the High-Security Rolling Code Generator made by National Semiconductor and the KeeLoq access control system from Microchip Technology.

Among the car makers vulnerable to the RollJam device there are Chrysler, Fiat, Honda, Toyota, Daewoo, GM, Volvo, Volkswagen Group, and Jaguar.

As we have anticipated at the beginning of this post, RollJam also works against some garage-door openers, including the Rolling Code Garage Door Opener manufactured by King Cobra.

As explained by the expert, in order to secure the Rolling code have to implement the code expiration after a specific amount of time. In alternative, it is suggested to mitigate RollJam by using a unique chip for every different car. Kamkar will provide details of it hack at the hacker conference DefCon in Las Vegas.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Rolling code, hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

11 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

17 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.