These are the most common ways a cybercriminal can compromise a car.
Open a car without using a key can be very convenient, but digital forensic experts believe that this method is not 100% safe. There’s a high amount of traffic and it continues growing, so at the same, it began a new kind of practice: the keychain hacking. With the help of technological and cheap accessories and techniques, the signal of these keychains can be easily blocked. Just think about it, a thief opens your car and drives it without triggering any alarm, it’s really worrying.
Watching the FBI’s reports, the raiding cars scenarios have entered on a descendant spiral since 1991, where they had their higher reports. However, this numbers have been growing, little by little, but constantly since 2015. In fact, there was a 3,8% more of raiding cars in 2015, a 7,4% more in 2016 and another 4,1% more in the first term of 2017.
To fight against this tendency and avoid that your car is added to those reports, the awareness-raising about this problem is essential.
So, to be prepared against this new criminal wave, digital forensic experts from the International Cybersecurity Institute inform about the main methods of hacking the keychains:
RELAY Usage
Keeping a keychain turned off all the time presents a serious threat in the car’s security. As the keys are in range of the signal, anyone can open the car and the system will think that is the owner. That’s why the newest car models won’t open until the keychain is literally next to the car.
However, the criminal can get cheap relay boxes that captures the keychain signals at 300 feet distance and then they transmit it to the victim’s car.
That’s how it works: the thief stays near the car with a relay box and at the same time, a teammate scans the house of the victim with the same device. When they get the keychain signal, they transmit it to the closest relay box to the car and it opens. So, you can even be at home and have your keys at home and the criminal could capt the signal, walk to your car and open it. That’s not a guess, there have been several cases where this threat happened.
German Automotive Club said that the most vulnerable models are:
Audi: A3, A4, A6
BMV: 730d
Citroen: DS4 CrossBack
Ford: Galaxy, Eco-Sport
Honda: HR-V
Hyundai: Santa Fe CRDi
Kia: Optima
Lexus: RX 450h
Mazda: CX-5
Mini: Clubman
Mitsubishi: Outlander
Nissan: Qashqai, Leaf
Vauxhall: Ampera
Range Rover: Evoque
Renault: Traffic
Ssangyong: Tivoli XDi
Subaru: Levorg
Toyota: Rav4
Volkswagen: Golf GTD, touran 5T
Remote Interference
In this scenario, the criminal will block the signals, so when you try to give a block command with your keychain, that signal won’t arrive to the car, and the doors will keep unlocked. So the criminals just need to come and open them themselves.
A security advice: To avoid this problem, always check by yourself if the doors are properly closed. You can also put a steering wheel block so even if they enter the car, they can’t use it.