This $20,000 Nintendo Game Boy can hack and steal any keyless Mitsubishi Outlander in a minute. Never seen before cybercriminal tool

Authorities in the British city of West Yorkshire announced the arrest of three individuals accused of using a sophisticated device capable of deceiving the security systems of some models of keyless cars, which allowed them to steal more than 30 Mitsubishi Outlander keyless cars between May and July this year.

During their crimes, this group employed a device disguised as a Game Boy console to send a signal to these keyless cars, making the affected system believe that they were using the legitimate opening device.

Dylan Armer, Thomas Poulson and Christopher Bowes were arrested July 20 after stealing a car from the entrance of the home in Scholes. The recordings of a security camera allowed verifying that the defendants placed this false Game Boy to open and start the car, leaving as if they were the owners.

According to Detective Vicky Vessey of the Leeds District Crime Team, the three individuals engaged in the theft of dozens of cars, generating tens of thousands of dollars in losses for the victims.

Cybersecurity specialists mention that this class of devices can be found for more than $ 20,000 USD on the black market and allow compromising a wide variety of models of keyless car in a matter of seconds. As if that were not enough, the British authorities recognize a considerable increase in the reporting of this kind of incidents, with very few cars recovered after the theft.

In the videos recovered by the authorities, the defendants can be seen hanging around the area of the robbery and manipulating one of the stolen cars. In addition, during his arrest the authorities seized a smartphone that stored some videos with a kind of tutorial for the use of this hacking Game Boy.  

While Armer and Poulson pleaded guilty to the charges brought against them, Bowes says he was only driving a vehicle used by the group during their attacks. The three individuals are awaiting their sentences, which could reach up to 33 months in prison, probation and the payment of fines equivalent to the losses generated in the robberies.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.