How thieves can 'hack' into your car key
- Posted on: 17th Apr 2018
It might sound a bit like a conspiracy theory, but car owner Kieran Bingham is advising others to wrap their keys in tin foil.
The software engineer discovered his car had been broken into by high-tech thieves using a fake wireless key fob.
The stealthy crime, known as a 'relay' attack, saw thieves break into Kieran’s 2016 Seat Leon on the night of Wednesday, April 12.
SEE ALSO :Case against house-help accused of killing employer delays
Kieran posted about the event on a local Facebook page and was instantly flooded with responses – he thinks there were at least eight similar attacks on the same night.
“We always lock our doors”
“It was on Thursday morning,” Kieran told the Bristol Post.
“I was putting my baby son in the car and my wife Keri asked if I had been in the car overnight.”
Kieran said no, but when the couple checked they found the glove box had been opened and items were scattered around the car.
SEE ALSO :SIM card fraud: Why it hurts when it hits
“Everything was disturbed, luckily there wasn’t anything of high value in the car – they got away with £1.50 in change – so clearly a good night’s work for them,” said Kieran.
The family’s first thought was they maybe they had left their car unlocked and an opportunist had simply opened the door and gone through their things.
“But we are absolutely meticulous about locking our car because it folds the wing mirrors in,” Kieran explained.
"Someone is going round hacking wireless keys”
That left only one option. Luckily, as a software engineer Kieran was already aware of relay attacks.
SEE ALSO :What to consider before buying second hand car
He posted on his local area Facebook group saying: “Hackers can open your car using your remote fob while it's in the house. Has anyone else had someone snooping around in their car overnight?”
It turned out many of his neighbours had.
“The thread went crazy, we had over one hundred responses,” he said.
“I had private messages from people too – as far as I can tell this happened to at least eight other cars in the area, all on the same night.
“My thinking is someone is going round hacking wireless keys.”
SEE ALSO :One in five bosses less likely to promote pregnant woman
Kieran did some research and explained that there were two different ways crooks can hack keyless cars.
What is a relay attack?
The first is a relay attack. This works on cars where the door opens automatically when the wireless key fob is nearby.
Normally the range of a key fob is between five and ten metres, but crooks can boost that signal with a clever bit of kit.
“They hold one end near the car and put the other end near to front door, to try and pick up the signal from the keys inside,” Kieran explained.
This boosts the range of the key fob signal, tricking the car into thinking the fob is nearby so it unlocks the door, when in reality the fob is still inside the owner's house.
“That’s why I’ve wrapped it in foil, to stop the device finding your keys,” explained Kieran.
He has now purchased a special “faraday cage pouch” to replace the tinfoil.
The Car Key Signal Blocker Case is available on Amazon for under £10 and provides some protection against signals getting through to wireless keys stored inside.
Millions of vehicles at risk
The second kind of attack exploits a vulnerability in a chip that millions of wireless keys use.
Kieran explained: “Although the key codes are different for each car, most cars use the same chip called a HiTag2.
"There’s a whole range of cars using the same device to run this system.
“If you can push a button to open your central locking there’s a strong chance you’re vulnerable.”
Kieran spoke to a friend who works in cyber security. His company had been testing out how crooks exploit these vulnerabilities in wireless keys.
“He told me you can buy a device for £30 that will let you do this," Kieran said.
“So if you have £30 and the knowledge you could hack a car.”
“Our cars are vulnerable"
This kind of crime is on the rise nationally and researchers have found that 110 cars from 27 different manufacturers are vulnerable to relay attack car thieves.
Keiran says he wants to make others aware of the risks and raise the profile of this new high-tech crime wave.
“Many people on social media said this had happened but they didn’t report it to police,” he said.
“If people have had their cars broken into and not reported it then the police won’t see it.
“If someone is going around unlocking cars, but only the one person who got something stolen reports it, then the police will only have one report of this happening, but it is a massive vulnerability.
“Our cars are vulnerable. You buy a new car and you think it is safe but actually you’d be better off with an older car that doesn’t have these remote locks.”