Nigerian Communications Commission (NCC) has issued an advisory to telecom customers and the general public about an ongoing cyber-vulnerability that allows a nearby hacker to remotely unlock cars, start their engines and drive away.
In a statement on Saturday, Ikechukwu Adinde, NCC’s director of public affairs, said the notice was in accordance with the latest advisory released by the Computer Security Incident Response Team (CSIRT) of the commission, the cybersecurity centre for the telecom sector.
Automobile remotes are classified as short-range devices that employ radio frequency (RF) to lock and unlock cars. This prompted the Commission to issue an alert to the general public about the hazard, saying the remotes allows hackers to unlock and start a hacked vehicle.
NCC said the vulnerability is a Man-In-The-Middle (MitM) attack or, more specifically, a replay attack in which an attacker intercepts the RF signals normally sent from a remote key fob to the car, manipulates, and re-sends them later to unlock the car at will.
It added that the latest type of cyber-attack can manipulate the captured commands and re-transmit them to achieve a different outcome altogether.
According to the Commission, it is also conceivable to alter captured commands and re-transmit them to obtain a different result using this latest sort of cyber-attack.
Multiple researchers disclosed a vulnerability, which is said to be used by a nearby attacker to unlock some Honda and Acura car models and start their engines wirelessly.
The attack consists of a threat actor capturing the radio frequency (RF) signals sent from your key fob to the car and resending these signals to take control of your car’s remote keyless entry system.
However, the NCC-CSIRT, in the advisory, has offered some precautionary measures that could be adopted by car owners to prevent falling victim to the attack.
The commission stressed;
When affected, the only mitigation is to reset your key fob at the dealership. Besides, the affected car manufacturer may provide a security mechanism that generate fresh codes for each authentication request, this makes it difficult for an attacker to ‘replay’ the codes thereafter.
In a separate advisory, the NCC warned the public about the reappearance of Joker Trojan-Infected Android Apps on Google Play Store, based on another CSIRT finding.
This was caused by thieves who downloaded genuine apps from the Play Store, modified them by adding Trojan malware, and then uploaded the programme back to the Play Store under a new name.
The harmful payload is only active once the apps are published on the Play Store, allowing them to scale through Google’s rigorous review process.
Once installed, these apps will ask for permissions, which will give them access to important services like text messages and notifications.