Cars Being Stolen With Keyless Entry
Car owners who toss keys on tables or near their front door may be unwittingly permitting thieves to steal the signal. This relay attack is a highly-tech method criminals use to steal keyless vehicles.
Keyless ignition vehicles emit a low-power radio signal that is used to locate a matching fob. If the signal is recorded and recreated, it can be used to unlock the car and then start it up.
Relay Attack
Imagine your car at your driveway, with your key fob at home. You might think that your car is safe however, sophisticated thieves are planning a heist, without you even knowing. These thieves use technology to hack into vehicles via digital chinks. This method of stealing vehicles with keys is known as relay theft.
The keyless entry system that is found in cars is controlled by a signal by the car's RF transmitter to the key fob. To prevent keyless entry by unauthorized individuals the RF transmitters on the key fob and the car are programmed only to activate when they are within a certain distance from each other. However, thieves are able to override this restriction using a technique known as the'relay attack'.
Two individuals are required to perform this: one person stands close to the car and uses a device that captures an electronic version of the signal from the key fob. The other person who is at home with the owner is using a second device to transmit the signal from the key fob back to the car. This trickery tricks the car into believing that the key fob is at the distance needed to allow it to be opened and started the vehicle.
This kind of heist used to require expensive equipment. However, now you can purchase relay transmitters for inexpensive online market and carry out a heist in minutes. This is why it's so popular among car thieves.
While certain cars are less susceptible to this type of theft than others, all modern vehicles that have keyless entry are vulnerable. Researchers have examined 237 well-known cars and found that every one of them are susceptible to being stolen through this method.
Tesla vehicles are believed to be less prone to this kind of theft. However, the company hasn't yet implemented UWB technologies that would allow it to conduct distance checks and stop attacks via relay. The company has promised to do so in the future, but until then they are vulnerable. That is why it's important to take a proactive approach to your security in your car and install an anti-theft tool that protects your keys and the car from such attacks.
CAN Injection Attack
Modern vehicles can defend themselves against thieves by exchanging encrypted messages with the key in order to prove its authenticity. The system is considered to be secure, but criminals have found ways to circumvent it. They just impersonate the smart key, and send messages to the car letting it unlock the doors, turn off its engine immobilizer, then let them leave the car. To do this they have access to the smart key's internal communication network.
The majority of cars today are fitted with between 20 and 200 electronic control units, also known as ECUs, that manage various aspects of the vehicle's operation. They communicate through the CAN bus network. These ECUs enter a low power sleep mode to decrease their power consumption. This mode is activated when the ECUs receive an "wake up" frame. These frames are usually sent by the ECU that is in charge of the smart key or door. However the messages aren't usually authenticated or encrypted, which means that they can be intercepted by criminals using a cheap and simple device.
To accomplish this, they search for a spot where they can directly connect to the CAN bus connection wires. They are usually hidden in the headlights or in other locations in the front of the vehicle. To get them, you must remove the bumper and make holes in the headlamp assemblies. The thieves employ a device known as an CAN injection attack to send fake messages which trick the car's safety systems into unlocking and disengaging the engine immobilizer.
These devices can be purchased through the Dark Web and work with all major car makers which include BMW and Cadillac, Chrysler, Fiat and Ford, Honda, Hyundai and Jeep, Lexus and Nissan, Renault and Toyota, Volkswagen and Maserati. The researchers who discovered this CAN Injection attack are recommending that all car makers address it in their existing models, but the reality is that these thieves will continue to grab everything they can lay their hands on. We can stop this from happening by installing mechanical security measures like Discloks in all of our cars and parking them in well-lit, visible areas.
Blocking the Signal
In a different variant of the relay attack, thieves could make use of a device to block the signal sent from an electronic key fob if the car is locked. The device could be hidden in the pocket or in the hiding place of a thief on the parking lot, or even near the driveway being targeted. The owners don't know whether their vehicle is locked when they press the lock button. The device of the crook interferes with the signal to lock the car. Thus, thieves are able to drive away with the vehicle.
They also have devices that amplify signals from the key fob to unlock vehicles. They can even do this while the key is in the pocket of the driver or hanging from its hook in the home. After the car is unlocked, hackers can make use of an ordinary diagnosis port to create the fob with a blank.
To protect against this type of attack, car manufacturers have developed a variety of anti-theft devices. But, as always, thieves come up with new ways to beat these measures.
They've started using devices that transmit at the same frequency as remote keyfobs in order to intercept signals. The crooks then copy the unlock code from the key fob and begin the vehicle using this fake signal.
This method is especially popular in the US in which many vehicles have wireless technology. Owners can start and unlock their car using a mobile application on their smartphone. This technology is expected to become increasingly popular as more and more manufacturers attempt to connect their vehicles to their owners' smartphones.
In addition to implementing anti-theft systems in vehicles, it's crucial for drivers to follow the best practices when they park their cars. It is not advisable to leave their keys in the ignition and should always lock the car when they are not in it. If they can it is also recommended to use the gearstick or steering locking device. They should also think about installing a tracking device to their vehicle in the event that it's stolen.
Flat Battery
This kind of attack occurs more often than we think. The thieves make use of inexpensive devices that extend the signal from your key fob to enable it to unlock and start your car even if it is here off. Then they drive the car to an unmarked trailer or around a corner and take it away. It is possible to shield your vehicle from this by installing an interrupter for the starter circuit. The most basic ones have an ON/OFF switch which interrupts the starter circuit. It's priced at around $15 and is easy enough to put in yourself.
Car thieves are constantly searching for new ways to take vehicles. Car manufacturers, police and insurance companies are constantly trying to stay on top of the latest tactics and provide better anti theft systems for modern vehicles. However, this doesn't stop thieves who can adapt quickly and find ways around the latest anti-theft technology.
For instance, many criminals employ a device that works on the same frequency as the fob to jam the signal. They put the device in their pockets or in a location close to their vehicle, and it stops the fob's lock signal from reaching the vehicle, leaving it unlocked. This can be done within just a few seconds. The device is affordable and available on the internet.
Another tactic is to hack the car's computer system. This is more difficult, but nevertheless possible. All cars have an diagnostic port, and hackers have developed devices that plug into them and allow them access the software of the car. From there, they can program the blank key fob to get it to work. This is also possible on older cars, although it is more difficult without removal of the ignition lock.
As more vehicles are linked to smartphones of drivers the method is likely to become more popular too. Once a thief has the username and password to an application for vehicles, they can unlock or start the vehicle with the application. It is possible to be safe from these kinds of attacks by not leaving valuables in your car and parking it in a garage or secured parking lot.