NICB Uncovers Car Theft 'Mystery Device'
December 07, 2016
CARS.COM – Hearing auto-theft analysts describe so-called mystery devices for hacking into cars in latest years has been a little like watching characters in a Cold War spy movie pursue down a stolen top-secret weapon, uttering some version of the line, “If this thing falls into the wrong arms. ” Only now, according to a just-released report on these advanced remote car-theft gadgets by the Illinois-based National Insurance Crime Bureau, that’s precisely what has happened.
Purportedly developed and sold by legitimate European manufacturers (unnamed in the report) to permit automakers to test the security vulnerabilities of their own vehicles, these “relay attack units” evidently have been acquired – and used – by American car thieves. NICB investigators recently got their palms on one of the devices through a third-party security experienced and reportedly were able to unlock, commence and drive away in more than half the vehicles on which they made attempts.
NICB investigators were able to unlock nineteen of the thirty five different makes and models they tested, and commence and drive away in eighteen of them. Moreover, after turning off the engine in the cars investigators were able to drive away in, they were able to use the device to later restart a dozen of them without the original key fob present.
The only commonality among all the vehicles successfully hacked into during testing was that they were tooled with keyless entry and push-button commence. Researchers conducted the tests over a latest two-week period after acquiring the device.
Types of vehicles tested included cars, minivans, SUVs and a pickup truck from varied makes, models, model years and automakers both American and foreign, and were conducted at new-car dealerships, an independent used-car lot, an auto auction and on NICB employee vehicles and privately wielded ones. NICB chief communications officer Roger Morris told Cars.com that among vehicles tested, for example, efforts to hack into model-year two thousand seventeen versions of the Chevrolet Camaro, Cruze, Impala and Malibu all failed, while researchers were able to infiltrate two two thousand sixteen Impalas. Chevrolet did not instantly react to a request for comment.
For the device to work, the targeted vehicle’s key fob must pass within about ten feet of the relay component of the two-device theft mechanism, NICB explained. That device captures the signal and sends it automatically to a 2nd device placed up to toughly ninety yards away. The 2nd device is then placed near the car door to unlock it, and then placed near the ignition switch to commence it and drive away. A pair of thieves could pull the scam lightly in a motel parking lot as an unaware car possessor pulls in and exits their vehicle, Morris suggested as an example.
Albeit NICB officials aren’t putting it this way, it’s a bit of an I-told-ya-so moment for the bureau, which tracks and investigates insurance crimes. They’ve been issuing public warnings about these car-theft “mystery devices” for the past duo of years, but until now the only compelling evidence for their existence was mysterious theft incidents caught on surveillance cameras – providing the discussion an almost folkloric dimension.
“After witnessing it work,” Morris told Cars.com, “I think the skepticism is gone.”
Now, Morris said, “we’re attempting to help law enforcement around the country learn about it, make them more aware of it.”
The report also goes after a latest uptick in auto theft nationwide, which comes amid decades of plummeting crime statistics in general and auto theft in particular. For years, anti-theft advancements in car technology have made vehicles all-but-impossible to steal. But NICB has maintained that as cars get firmer to swipe, thieves inevitably get cleverer.
“While there’s no real way to stop this right now that we’re aware of, it’s the ongoing tug-of-war inbetween the manufacturers and the hackers,” Morris said.
In the meantime, he said, “Hopefully they’ll be aware of it and are working permanently to improve their systems.”