The FBI has arrested members of a motorcycle gang accused to have hacked and stolen over 150 Jeep Wranglers from Southern California, which they later crossed the border into Mexico to have stripped down for parts.
Authorities unsealed an indictment yesterday in a press conference held in San Diego. According to details included in the indictment and an attached search warrant, the gang — named Hooligans Motorcycle Club and based in Tijuana, Mexico — combined old school and modern hacking tactics to carry out the thefts undetected.
Hooligans Motorcycle Gang’s “Dirty 30” behind the thefts
Gang members that participate in these thefts had a very precise role and were part of a Hooligans Motorcycle Gang sub-unit called Dirty 30. All thefts followed the same model.
According to court documents, gang members organized themselves into various theft crews, and in each crew, members had different roles such as leader, thief, transporter, scout, or key cutter.
All thefts started with a scouting phase where gang members with the role of scout drove around South California to identify motorcycles and Jeep Wrangler models they wanted to steal.
While the theft of motorcycles didn’t involve a key, with crooks bypassing the ignition switch, the theft of Jeep Wranglers was far more complex and involved quite a lot of high-tech gadgetry.
Gang accessed database of Jeep replacement key codes
US authorities say that after identifying a Jeep Wrangler, a scout would have to obtain the car’s Vehicle Identification Number (VIN), a code printed in the car’s dashboard, or another location on the car.
Scouts would pass the VIN to their leader, who would then pass the code to a key cutter via Facebook. According to court documents, the key cutters had found a way to access a proprietary database containing replacement key codes for Jeep Wrangler models.
Using the VIN, the key cutters would download two codes from this database. They would use the first code to as instructions to cut a physical replacement key.
They would then pass the newly cut replacement key and the second code back to the leaders, which would hand them over to members tasked with stealing the vehicle.
Court documents reveal that all the database queries for the stolen VIN codes came from a Jeep dealer in Cabo San Lucas, Mexico. Court documents don’t say if the dealer cooperated or gang members hacked its system.
Thieves programmed custom keys just before stealing Jeeps
But the thefts didn’t become easier once thieves had the replacement key, as the chip inside the key wasn’t able to communicate and authenticate with the car.
Whenever a thief would approach a Jeep, the Hooligans member would use external latches on the Jeep Wrangler to pop the hood and disable the alarm’s horn and front lights flashing system. The alarm would still go off, but only the Jeep’s back lights would trigger.
Thieves would then use the replacement key to open the driver’s door, enter the jeep, and insert the key in the car. Thieves would move quickly and connect a handheld vehicle program computer to the Jeep’s Onboard Diagnostics System port, and use the second code they received from the key cutter to program the replacement key, synchronizing it with the car.
Within minutes, thieves would create a valid replacement key, disable the alarm, and drive off with the car. A gang member tasked as a transporter would then take over the stolen car or motorcycle, drive it to Mexico where it would be sold as a whole or broken down into parts.
Below is a video released by authorities showing Hooligans gang members stealing a Jeep in under two minutes.
Thieves stole cars worth over $4.5 million
US officials say their investigation started when police arrested three Hooligans gang members in early 2015. Details provided by the arrested gang members allowed the FBI and other law enforcement organizations to unravel the group’s high-tech operation, which officials tracked under the codename of “Operation Last Ride.”
Officials say that starting with 2014, Hooligans gang members stole over 150 Jeeps worth over $4.5 million.
Authorities recommended that Jeep changes their hood locking system so it wouldn’t be possible to open the hood from the outside of the car, which allowed thieves to disable the car’s alarm.
The official indictment lists nine suspects, three of which have been arrested in the US, while the rest are still at large (pictured below). Eight suspects are Mexican nationals, while one is a US citizen. Officials believe the gang features more members, which they have not yet identified.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.