All articles tagged with #relay attack
The Flipper Zero can be used to unlock modern cars by exploiting vulnerabilities in the car's security system, specifically through reverse-engineering the rolling code algorithm, but the device itself isn't the core issue—it's the leak or reverse-engineering of automakers' security codes that enables these attacks.
Cybersecurity researchers have discovered a vulnerability called "forced authentication" that allows hackers to steal a Windows user's NT LAN Manager (NTLM) tokens by tricking them into opening a specially crafted Microsoft Access file. By abusing a legitimate feature in Access that allows users to link to external data sources, attackers can leak NTLM tokens to their server, enabling them to launch relay attacks. Microsoft has released mitigations for the issue, and 0patch has provided unofficial fixes for various Office versions. Additionally, Microsoft plans to discontinue NTLM in Windows 11 in favor of Kerberos for enhanced security.
A new form of keyless car theft called CAN injection attacks has been discovered by a cybersecurity researcher who was a victim of the crime. The attack involves using an "emergency start" device to bypass the smart key system and inject malicious messages into the car's Controller Area Network (CAN), causing it to malfunction and allowing the thief to start the car. This technique is more sophisticated than the previously used relay attack and can be performed in under two minutes.