10 Tips For Cars Being Stolen With Keyless Entry That Are Unexpected

Cars Being Stolen With Keyless Entry

Car owners who throw keys on tables or near their front doors may be unwittingly permitting thieves to steal the signal. This relay attack is just one of the advanced methods criminals are using to steal brand new keys from cars.

Keyless ignition vehicles emit a low-power radio signal to find an appropriate fob. If the signal is recorded and recreated, it can be used unlock the car and to start it.

Relay Attack

Imagine your car parked in your driveway with your key fob in your home. You're confident that your car is safe, but not seen by you sophisticated thieves are planning an attack. Instead of slamming windows and jiggling locks, these thieves are leveraging technology to gain access to cars through digital chinks in their armor. Also known as relay theft, it's an increasingly common way to steal cars that have keyless entry.

The keyless entry system that is found in cars is controlled by a signal by the car's RF transmitter to the key fob. To stop unauthorized keyless entry the RF transmitters inside the key fob and car are programmed to activate only when they're within certain distance of each other. However, thieves can overcome this limitation using a technique known as the'relay attack'.

Two people are required to complete this: one stands close to the car and uses a device to capture digitally the signal coming from the key fob. The other, standing by the owner's house, uses a second device to transmit the key fob signal back down to the car. This trick tricked the car into thinking that the key fob is near enough to unlock and start the engine.

This type of heist used to require expensive equipment. Now, you can purchase a relay transmitter on the cheap online and execute an heist in a matter of minutes. This is why car thieves are enthralled by it.

All modern vehicles that have keyless access are vulnerable. Some cars are more susceptible to this type than others. Researchers have tested 237 of the most popular cars and found that all of them are susceptible to being stolen using this method.

Tesla vehicles are believed to be less vulnerable to this type of theft, however Tesla hasn't yet implemented UWB features to effectively check distances on the car's signal to stop relay attacks. The company has said that they will do this in the near future, but until then, they're vulnerable. Installing an anti-theft system that safeguards your car and your keys against these types of attacks is a proactive approach to ensure your car's security.

CAN Injection Attack

Modern vehicles are designed to guard themselves from theft by exchanging cryptographic messages with the key to prove it's genuine. This method is generally thought to be secure, but criminals have found a way to circumvent it. They can impersonate the smart key and send messages to the vehicle letting it unlock the doors, disable its engine immobilizer, then let them go on their way. To do that they have access to the smart key's internal communications network.

Today, most cars are fitted with between 20 and 200 electronic control units (or ECUs) that control various aspects of the car's operation. They communicate via the CAN bus network. To reduce power consumption, these ECUs are put into the sleep mode at low power. This mode is activated when they receive a 'wake up frame. These frames are typically sent by the ECU that is in charge of the smart key or door. However, these messages aren't always authenticated or encrypted so they can be intercepted by criminals using a cheap and simple device.

To accomplish this, they must look for a spot that allows them to connect directly to the CAN bus connector wires. They are usually hidden in the headlights or in front of the vehicle, and are accessible by pulling the bumper and cutting holes in the headlamp assembly to expose them. The thieves then employ a device dubbed a CAN injection attacker to send out fake messages that can trick the car's security systems into unlocking it and disengaging its engine immobilizer.

The devices are available on the Dark Web and work with all major car makers including BMW and Cadillac, Chrysler, Fiat and Ford, Honda, Hyundai and Jeep, Lexus and Nissan, Renault and Toyota, Volkswagen and Maserati. Researchers who have discovered the CAN Injection attack recommend that all car makers fix this in their existing models. However, these thieves will continue taking everything they can. We can stop this from happening by implementing mechanical safety measures like Discloks in every car we own and parking them in well-lit, visible areas.

The Signal is blocked

In a variant of the relay attack that employs a device, thieves can jam the signal sent by key fobs while the car is locked. The device could be found inside the pocket of a burglar in a parking area or in a hiding spot near the driveway being targeted. Once the owners hit the lock button on their fobs and walk away and leave, they don't have to think about whether or not their car is really locked. Instead, thieves can drive off with the vehicle since the signal that normally locks the car has been blocked by the crook's device.

They also use devices that amplify signals from the key fob to unlock vehicles. They may even accomplish this if the key is in the pocket of the driver or hanging from its hook in the house. After the car is unlocked, hackers can use a standard diagnosis port to create an unlocked fob.

Car manufacturers have come up with various anti-theft devices to guard against these kinds of attacks. However, criminals are constantly trying to beat these measures.

For instance, they've been using devices that transmit on the same frequency as remote key fobs to intercept their signals. The thieves then copy the unlock code of the key fob and start the vehicle using this fake signal.

This method is particularly popular in the US, where many cars are equipped with wireless technology. Owners can unlock and start their vehicle through a mobile application on their phone. This technology is likely to become increasingly popular as more and more manufacturers attempt to link their vehicles to their owners' smartphones.

It is crucial that drivers follow the best practices to park their cars. They should never leave their keys in the ignition, should always ensure that the car is securely locked when they're not using it and should use an engine or steering wheel lock, if it is possible. They should also think about installing a tracking device onto their vehicle in the event that it is stolen.

Flat Battery

This type of attack occurs more often than we think. Thieves use inexpensive devices to extend the signal from your key fob to unlock and start the car, even if it's shut off. Then they drive the vehicle to an unmarked trailer or around a corner and take the car away. Installing a starter circuit interruption switch will protect your vehicle from this. The simplest ones just have an ON/OFF switch that shuts off the starter circuit. It costs around $15 and is easy to install.

Car thieves are always working on new ways to enter vehicles and steal them. Police, car manufacturers and insurance companies are constantly trying to stay on top of the latest tactics and provide more effective anti-theft systems for modern vehicles. However, this doesn't stop thieves who can adapt quickly and find ways around the most recent anti-theft measures.

For instance, a lot of thieves use devices that operate on the same radio frequency as the fob to jam the signal. They place the device in their pocket or in a location near their vehicle, and it prevents the fob's lock command from reaching the car, leaving it unlocked. This can be accomplished in just a few seconds. The device is inexpensive and can be purchased online.

Hacking the computer system of the car is another option. This is more difficult but still feasible. Hackers have created devices that plug into the diagnostic port of all cars and allow them to connect to the software. They can then program an unfinished fob to work. This is also possible on older vehicles, but it is more difficult to do without taking off the ignition lock.

This method could become more popular as more vehicles are connected to drivers' phones. Once a criminal has the username and password to an application for vehicles they can open or start website the vehicle with the app. You can guard yourself by not putting valuables inside your car, and by parking in garages.