Frankfurt - German and British researchers have discovered a security flaw in remote locking systems fitted to around 100-million cars worldwide, German media reported on Thursday.
The bug affects vehicles with a remote lock activated by a key, the Sueddeutsche Zeitung (SZ) daily and public broadcasters NDR and WDR reported.
Volkswagen Group is one of the hardest hit, with popular models including the Golf 4 and 6 but also vehicles from subsidiaries like Audi, Seat and Skoda on the list of vulnerable cars.
Security breach
The auto giant acknowledged to the SZ: "Security systems of vehicles up to 15 years old don't demonstrate the same level of security as our more current vehicles."
Hackers are able to get around the security system by using passwords from old keys, the SZ reports because the system did not allow for a sufficiently large number of different passwords.
READ: Global car security risk - VW responds
The researchers were also able to record the radio signal from a specific key and use it later to open the corresponding car.
Other brands affected include:
Citroen
Peugeot
Renault
Fiat
Opel
Nissan
Ford
While VW suggested in comments to the SZ that the hack was of mostly academic interest, German authorities are currently investigating the theft of a car which could have used the method described by the researchers, an anonymous security source told the paper.
The Munich-based broadsheet also notes that car thefts have fallen significantly in recent years. German insurance federation GDV told SZ that around 18 000 cars are stolen every year in Germany, down from 105 000 23 years ago.