Various methods used to hack and steal keyless cars

 

These are the most common ways a cybercriminal can compromise a connected car

Opening a car without needing to use a key may seem very convenient, but experts in digital forensics believe that it may not be a completely safe feature. There are more and more of these cars in circulation, which has also provoked the growth of an unusual practice, the key fob hacking. With the help of very economical and easy-to-find technology and electronic accessories, the signal from these key fobs can be intercepted or blocked relatively easily. Just imagine, a thief opens your car and takes it without firing any alarms, a truly alarming scenario.

According to FBI reports, car theft cases have entered a downward spiral since 1991, when they showed their highest peaks. However, these figures have been moving slowly, but steadily, since 2015. In fact, there was an increase of 3.8% in car theft cases in 2015, an increase of 7.4% in 2016 and another increase of 4.1% just in the first half of 2017.

To fight this upward trend and prevent your car from becoming a more statistic in car theft, awareness on this issue is a fundamental element.

So, to be better prepared against this new criminal wave, digital forensics experts from the International Institute of Cyber Security report on the main methods for hacking the system of a keyless car:

The relay

keylesscar01

Keeping your key fob on always represents a serious threat for your car’s safety. As long as the keys are within range of the signal, anyone can open the car and the system will think it is the owner. That’s why newer car models will not unlock until the key fob is one foot away at least.

However, criminals can get relatively cheap relay boxes that capture key fob signals up to 300 feet away and then transmit them to the victim’s car.

This is how it works: A thief gets up close to your car with the relay box, while an accomplice scans your home with another device as well. When the key fob signal is captured, it is transmitted to the relay box closest to your car, so the vehicle will open. In other words, your keys could be in your house and the criminals could walk to your car and open it. This is not just a hypothesis, since multiple cases have already been presented.

According to German Automotive Club, the car models most vulnerable to this attack are:

Audi: A3, A4, A6

BMW: 730d

Citroen: DS4 CrossBack

Ford: Galaxy, Eco-Sport

Honda: HR-V

Hyundai: Santa Fe CRDi

Kia: Optima

Lexus: RX 450h

Mazda: CX-5

Mini: Clubman

Mitsubishi: Outlander

Nissan: Qashqai, Leaf

Vauxhall: Ampera

Range Rover: Evoque

Renault: Traffic

Ssangyong: Tivoli XDi

Subaru: Levorg

Toyota: Rav4

Volkswagen: Golf GTD, Touran 5T

Remote interference

keylesscar02

In this scenario, criminals will block your signal, so when you issue a lock command from your key fob, it will not reach your car and the doors will remain unlocked, so the thieves have free access to your car.

Security advice: To prevent this from happening, always check your car’s doors manually before moving away. You can also install a steer lock to prevent car thieves from driving the vehicle, even if they already got in.

Tire pressure sensor hijacking

keylesscar03

This is a recent technique, but it has already been put into action: criminals hijack their tire sensors to send false readings on tire pressure. What do they look for? This way they can force the driver to stop their car, thus generating the conditions to attack them. It sounds a little crazy, but this scheme is being put into practice.

Security advice: If you need to check your tires, always stop in a public, well-lightened, crowded area, preferably at a service station or in a workshop where you can ask for help.

 

Telematic Exploit

keylesscar04

One of the most recent words related to these cars is something called telematics. What is telematics? It is a connected system that can remotely monitor the behavior of your vehicle. These data may include your car’s location, speed, mileage, tire pressure, fuel usage, braking, engine and battery status, driver behavior, and more.

But everything that is connected to the Internet is vulnerable and exploitable, telematics is no exception. If hackers manage to intercept your connection, they can track your vehicle and even remotely control it, a frightening possibility.

Security advice: Before purchasing a car with a built-in telematic system, consult an information security and digital forensics expert about the cybersecurity measures required by a car connected to the Internet. If your car has this system, make sure the software is always updated.

 

Network attacks

keylesscar05

In addition to the possibility of compromising a car through telematics, hackers can also generate denial-of-service conditions to attack your car and potentially collapse critical functions such as airbags, manual brakes and door locks. Since some connected cars even have built-in WiFi features, this attack is completely feasible. Just like conventional WiFi networks, they can even steal your personal data if they manage to infiltrate your car’s local network.

Besides, it’s a matter of physical security. Remember, modern cars are handled basically by multiple computers and engine control modules (ECM) and if a hacker manages to shut down these systems, your physical integrity would be in serious danger.

Security advice: It is strictly mandatory to change your car’s WiFi network password in a regular basis.

 

On-board diagnostic Hack (OBD)

keylesscar06

Did you know that virtually all cars have a diagnostic port on board? Commonly known as OBD, this is an interface that allows mechanics to access your car’s data to read error codes, statistics and even program new keys. It turns out that anyone can buy exploit kits that use this port to replicate keys and program new ones to use in the theft of other vehicles. That’s something no one will want to experience for themselves.

Security advice: Always go with a reliable mechanic. In addition, manually locking the steering wheel always helps.

 

Phishing in the car

keylesscar07

This old-school attack is also opening its way to attacking cars connected to the Internet, specifically the models with integrated browser.

That’s right; hackers use the classic phishing scheme to send emails and messages with malicious links and attached files that can install malware on your car’s system. As usual, once the malware is installed, anything could happen. Even worse, car systems do not have built-in malware protections, so it can be difficult to detect.

Security advice: Always keep the best practices in computer security, even in your car. Never open emails or suspicious messages, or follow links from unknown sources.

What about car insurance?

Unfortunately, the increase in car theft not only raises the risk for your keyless car, but it can also raise insurance rates.

If you have a keyless car, check your car’s safety and see if it is covered against such incidents. Since these crimes are relatively new, there may be some confusion as to who should be held responsible for one of these crimes; will it be the driver, manufacturer or developer of the car software?

According to a specialized firm, most car insurance policies have already solved this scenario:

  • Drivers have an insurance policy that covers manual and self-driving modes
  • If the driver of a self-driving vehicle inflicts injury or damages to a third party, this third party may claim the driver’s car insurance no matter what driving mode the car was in when the accident occurred.
  • Here is the part that covers car theft due to key fob hacking and wireless devices. Apparently, drivers will not be responsible for flaws and vulnerabilities in their car systems and may file a claim if they are injured or have suffered losses due to such errors

In reference to the theft and hacking of cars using the relay box, the firm said that insurance companies will pay while the owner has taken reasonable measures to protect their vehicle. However, if your particular car model is a common theft target, insurance companies could charge higher premiums.

To stop relay attacks

It is important to have the best possible protection against these new car crimes.

There are some very easy ways to block key fob attacks. You can purchase a signal lock bag that to store the key fob, such as a shielded RFID lock bag, as reported by experts in digital forensics.

The refrigerator could work

If you don’t want to spend money, you can put your key fob in the refrigerator or freezer. The multiple layers of metal block the signal from your key fob. Just consult with the manufacturer of the device to ensure that the low temperatures do not damage your key fob.

Even the microwave is a good choice

If you do not want to freeze your key fob, digital forensics experts recommend storing it in the microwave oven (just remember not to turn it on). Keep your key fob in the microwave and criminals will not be able to catch its signal.

Wrap your key fob in foil

Since the metal blocks the signal from your key fob, you can also wrap it in foil. While that is the easiest solution, it could also be inadequate if it is not done well. Also, you may have to buy rolls and rolls of paper. You can also make a box lined with aluminum foil to store your keys, if you are in the mood to do crafts.