Cars Being Stolen With Keyless Entry
If car owners throw their keys on the table or near their door, they may unknowingly allow thieves to steal their signal. This relay attack is one of the latest techniques criminals are using to steal new keys from cars.
Keyless ignition vehicles emit a low power radio signal to find the fob that matches. If the signal is recorded and recreated it can be used to unlock the car and begin it up.
Relay Attack
Imagine your car safely parked in your driveway, with the key fob safely inside your home. You're confident that your car is safe, but unnoticed by you sophisticated thieves are planning an heist. Instead of slamming windows or jiggling locks, these thieves are using technology to hack into vehicles using digital cracks in their armor. This is known as relay theft, it's an increasingly common way to steal cars with keyless entry.
The keyless entry system found in cars is controlled by a signal by the car's RF transmitter to the key fob. To stop unauthorized keyless entry, the RF transmitters in the key fob and car are programmed to only activate when they're within certain distance of each other. The thief is able to circumvent this restriction using a technique known as the relay-attack.
Two people are required to complete this: one person is close to the car and uses a device that captures an electronic version of the signal from the key fob. The other person who is at home with the owner is using a second device to transmit the signal from the key fob back to the car. This trickery tricks the car into believing that the key fob is at an adequate distance to allow it to be opened and started the vehicle.
This kind of heist was once a costly process that required expensive equipment. You can now buy a cheap relay transmitter on the internet and complete an heist in a matter of minutes. This is the reason why car thieves are enthralled by it.
While certain vehicles are less susceptible to this kind of theft than others, all modern cars with keyless entry are vulnerable. In fact, researchers have tested 237 popular cars and found that they could all be stolen using this method.
Tesla vehicles are believed to be less prone to this kind of theft. However Tesla hasn't implemented UWB technology to enable it to perform distance checks and stop relay attacks. The company has stated that they will implement this feature in the near future, but for now they are vulnerable. That's why it's essential to be proactive about your security in your car and install an anti-theft tool that safeguards your keys and car from these types of attacks.
CAN Injection Attack
Modern vehicles are designed to guard themselves from theft by exchanging cryptographic data with the key to prove that it's genuine. The system is considered to be safe, but thieves have found ways to get around it. They just impersonate the smart key, and send other messages to the vehicle letting it unlock the doors, disable its engine immobilizer, and then go on their way. To do that they gain access to the smart key's internal communications network.
The majority of cars today are fitted with between 20 and 200 electronic control units, also known as ECUs, that control different aspects of the vehicle's operation. They communicate with each other via a network known as CAN bus. To ensure that power consumption is low, these ECUs go into the sleep mode at low power. This mode is activated when they receive a 'wake up frame. These frames are usually sent from the door or smart key receiver ECU. However they aren't always encrypted or authenticated so they can be intercepted by criminals using a cheap and basic device.
They look for a place where they can connect directly to the wires for CAN connection. They usually hide in the headlights, or in other areas of the front of the vehicle. To access them, you can pull the bumper and cut holes in the headlamp assemblies. The thieves use a device known as an CAN injection attack to send fake messages which fool the safety systems of the car into unlocking and disengaging the engine immobilizer.
These devices are available for sale on the Dark Web, and work for most of the major car makers which include BMW, Cadillac, Chrysler, Fiat, Ford, Honda, Hyundai, Jaguar, Jeep, Lexus, Nissan, Renault, Toyota, Volkswagen, Maserati, and more. The researchers who discovered this CAN Injection attack are recommending that all car makers address the issue in their current models, but the reality is that thieves will continue to steal whatever they can get their hands on. The best we can do is try and prevent this by installing mechanical security measures such as Discloks on all of our cars, and making sure that they're always placed in areas that are well-lit and are easily visible to pedestrians.
The Signal is blocked
In a different variation of the relay attack, thieves can make use of a device to block the signal that is sent by an electronic key fob if the car is locked. The device could be hidden in the pocket of a thief in a parking space or in a hiding spot near the driveway that is being targeted. Owners don't check if the vehicle is locked when they press the lock button. Instead, thieves are able to escape with the vehicle since the signal that normally locks the car is blocked by the crook's device.
The crooks also make use of devices to enhance the signal of the key fob to unlock vehicles. The crooks are able to do this even if the key is inside a driver's pocket or hanging on a hook inside the home. When the car is unlocked, they can make use of a standard diagnostic port or computer hacker to program a blank key fob and gain control of the vehicle.
Automobile manufacturers have developed various anti-theft devices to protect against these types of attacks. However, thieves are always trying to beat these measures.
They've started using devices that transmit at the same frequency as click here remote keyfobs in order to intercept signals. The thieves can then copy the unlock code of the key fob and then start the car with this fake signal.
This technique is particularly popular in the US where a lot of cars have wireless technology. Owners can start and unlock their car using a mobile application on their phone. This technology is likely to gain popularity as more and more manufacturers attempt to connect their vehicles to owners' smartphones.
In addition to incorporating anti-theft technology in vehicles, it's important for drivers to use the best practices when they park their vehicles. It is not advisable to leave their keys in the ignition and always lock the car when they are not in it. If possible, they should also use a steering or gearstick locking device. It is also recommended to think about installing a tracking device on their vehicle in the event that it's stolen.
Flat Battery
This kind of attack is more common than most people realize. The thieves employ low-cost devices that increase the signal of your key fob to unlock and start your car if it is off. They then simply drive the car around the corner or onto a trailer to then drive off with it. Installing an interruption switch to the starter circuit will protect your vehicle from this. Simpler versions have an ON/OFF button that interrupts the circuit. It's about $15 and is simple to install.
Car thieves are always looking for new ways to get into vehicles and then steal them. Car manufacturers, police and insurance companies are constantly trying to stay on top of the latest techniques and offer better anti-theft systems for modern vehicles. However, that doesn't stop thieves who are able change quickly and find ways to circumvent the most recent anti-theft measures.
For instance, many criminals use devices that operate on the same radio frequency as the fob to block the signal. The device is tucked away in the pocket or close by the vehicle and prevents the fob from transmitting the signal to the car. This can be done within just a few seconds. The device is cheap and is available on the internet.
Another tactic is to hack the car's computer system. This is more difficult but still feasible. Hackers have designed devices that connect to the diagnostic port of all vehicles and allow them to access the software. They can then program the fob with blank code to work. It is possible to do this with older cars as well however it is more difficult if you remove the ignition.
As more vehicles are connected to smartphones of drivers, this method may become more popular as well. Once a burglar has gained the username and password for an app for vehicles they are able to unlock the car or start it by using the app on their phone. You can help defend yourself from these kinds of attacks by not leaving valuables in your car and putting it in a garage or secure parking lot.