Cars Being Stolen With Keyless Entry

Car owners who toss keys on tables or near their front doors may be unwittingly permitting thieves to steal the signal. This relay attack is just one of the advanced methods criminals are using to steal brand new keys from cars.

Keyless ignition vehicles emit an low-power radio signal that is in search of a fob that can respond. If the signal is recorded and recreated, it could be used to unlock the car and begin it up.

Relay Attack

Imagine your car in your driveway, and your key fob in your home. You're sure that your spare car key stolen what to do is safe, but not seen by you sophisticated thieves are planning an attack. Instead of slamming windows or jiggling locks, they are leveraging technology to hack into cars via digital chinks in their armor. Also known as relay theft, it's a more common method of stealing vehicles with keyless entry.

The keyless entry system in cars is controlled by a signal sent by the car's radio transmitter to the key fob. To stop keyless entry by unauthorised persons the RF transmitters that are on the key fob as well as the car are programmed only to turn on when they are within a specified distance from each other. The thief can bypass this restriction by employing a method known as the relay-attack.

Two individuals are required to perform this: one person is near the car and utilizes a device to capture a digitalized version of the the key fob. The other, in the vicinity of the home of the owner and using a second device to transmit the key fob signal back to the car. This trick tricks the car into believing the key fob has reached an adequate distance to unlock and start the vehicle.

In the past, this type of heist required expensive equipment to carry out. But now, you can purchase a relay transmitter on the inexpensive online market and carry out the heist in just a few minutes. This is why it's popular with car thieves.

All modern vehicles with keyless access are at risk. Certain cars are more vulnerable to this type than others. Researchers have tested 237 of the most popular automobiles and found that all of them are susceptible to being stolen through this method.

Tesla vehicles are supposedly less prone to this kind of theft, however, Tesla hasn't yet implemented UWB features to effectively perform distance checks on the car's signal and prevent relay attacks. The company has stated that they will do this in the near future, however until then, they're vulnerable. That's why it's essential to be proactive about your security in your car and install an anti-theft kit that safeguards your keys and vehicle from these kinds of attacks.

CAN Injection Attack

Modern vehicles can defend themselves from thieves by transferring encrypted messages using the key in order to verify its authenticity. The system is generally believed to be secure, but thieves have found a way around it. They just impersonate the smart key and send other messages to the car, letting it unlock the doors, disable its engine immobilizer, and then leave the car. To do that they gain access to the smart key's internal communication network.

These days, most cars are equipped with between 20 and 200 electronic control units (or ECUs) that control various aspects of the car's operation. They communicate using an electronic network known as CAN bus. To reduce power consumption the ECUs enter a low-power sleep mode that's activated when they receive a wake up frame. These frames are usually sent from the door or smart key receiver ECU. These messages aren't always authenticated or encrypted. This means that criminals can take them over with the use of a cheap and simple device.

They look for a place where they can connect directly to the wires for CAN connection. They usually hide in the headlights, or in other areas of the front of the vehicle. To get them, you must remove the bumper and make holes in the headlamp assemblies. The thieves employ an instrument known as an CAN injection attack to send fake messages that can trick the security systems of the my car key was stolen to unlock and disable the engine immobilizer.

These devices are available for purchase on the Dark Web, and work for all major car makers including BMW, Cadillac, Chrysler, Fiat, Ford, Honda, Hyundai, Jaguar, Jeep, Lexus, Nissan, Renault, Toyota, Volkswagen, Maserati, and more. Researchers who have discovered the CAN Injection attack recommend that all car manufacturers fix the issue in their current models. However, these criminals will continue to steal whatever they can. The best we can do is to attempt to stop this from happening by putting in mechanical security measures like Discloks on all our cars, and making sure that they are parked in well-lit areas that are clearly visible to people passing by.

Jamming the Signal

In a variation of the relay attack, which employs a device, thieves can jam the signal transmitted by the key fob when the car is locked. The device may be in the pocket of a burglar in a parking space or in a hidden spot near the driveway that is being targeted. The owners don't know if the vehicle is locked when they press the lock button. Instead, thieves can drive off with the vehicle since the signal that normally locks the car has been blocked by the crook's device.

They also have devices that amplify signals from the key fob to unlock vehicles. The crooks can do this even if the key is inside a pocket of a driver, or hanging on a hook inside the home. Once the car has been unlocked, hackers can make use of the standard diagnostic port to program an unlocked fob.

To safeguard against this kind of attack, car makers have created a variety of anti-theft devices. But thieves always come up with new ways to beat these measures.

They've begun using devices that transmit at the same frequency as remote keyfobs in order to intercept signals. The crooks then copy the key fob's unlock code and then start the car with this fake signal.

This technique is especially popular in the US and Europe where many vehicles are sold with wireless technology that lets owners unlock and start their vehicles by using a mobile application from their phones. This technology is expected to become increasingly popular as more and more companies try to connect their vehicles with their owner's smartphones.

It is crucial that drivers use best practices to park their cars. They should never leave their keys stolen in the ignition and always lock the car when not in it. If possible it is also recommended to use a gearstick lock or steering device. It is also recommended to consider installing a tracking device to their car in case it is stolen.

Flat Battery

This type of attack is more common than people think. The thieves employ inexpensive devices that extend the signal of your key fob to enable it to unlock and start your car if it is off. Then they drive the vehicle to an unmarked trailer or around a corner to take the car away. Installing an interruption switch to the starter circuit can protect your vehicle from this. The simplest ones just have an ON/OFF switch which interrupts the starter circuit. It's about $15 and is easy to install.

Car thieves are constantly looking for new ways to rob vehicles. The police as well as car manufacturers and insurance companies are always trying to catch up to their tactics and offer better anti-theft solutions for modern vehicles. But that doesn't stop thieves who are able to change quickly and find ways to circumvent the most up-to-date anti-theft systems.

For example, many criminals use a device that works on the same radio frequency as the fob to block the signal. The device is put in the pocket or close to the vehicle and blocks the fob from sending the lock command to the vehicle. This can be done within minutes. The device is affordable and can be purchased on the internet.

Hacking the computer system of the car is an alternative option. This is more difficult but possible. Every car has an diagnostic port, and hackers have designed devices that plug into them and let them access the software in the car. From there, they are able to program an unfinished key fob and make it work. It is also possible to do this on older vehicles, however it is more difficult without removal of the ignition lock.

This technique could become more popular as more vehicles are connected with drivers' phones. Once a burglar has gained the username and password for a vehicle app, they can then open the car or get it started using the app on their phone. You can help be safe from these kinds of attacks by not leaving valuables in your car and putting it in a garage or secured parking lot.