Tools for unlocking modern cars are easy to get
Car theft has always been a common crime, and thieves will find a way to bypass new safeguards set up by manufacturers. The newest method adopted for both convenience and security is called a “keyless entry system.” It allows users to lock and unlock a car, and even start it, without a physical key.
But a key of some type is still required — and it comes in the form of a signal or a code the keyfob sends wirelessly to the car when certain proximity requirements are satisfied. So, thieves are dropping their slim jims, ground keys and slide hammers in favor of code/signal grabbers and hacker software. The business is the same, only the tools of the trade have changed.
Someone with the right tools and knowledge could easily unlock a car these days. And they don’t need to go far for either of them, because the information and software are freely available on the internet, and the hardware gadgets can be purchased legally. Cybersecurity professional Jacob Archuleta highlights the simplicity of the process by testing the attack on his Mustang GT.
All he needed was the HackRF, a software-defined radio (SDR) gadget priced around $300, and the Universal Radio Hacker (URH) software. Apart from these, a regular computer will do. All this is accessible online without having to land on shady underground forums. What’s more, they are not the only tools that can do the job.
The purpose of the SDR hardware is to tune into the frequency the vehicle uses for receiving the lock/unlock signal and intercept it on its way from the keyfob. The URH software is designed to investigate various wireless protocols, and it can store the codes and send them out on command.
Determining the frequency may seem like an obstacle for the thief, or at least an issue they would spend more time testing. Far from it! Operating over a particular radio spectrum requires a license, and the frequency information that comes with it is available online, either free of charge or for a ridiculously low price.
As uncomplicated as this attack is, it does have limitations. With passive keyless entry systems, which lock and unlock the car based on proximity, amplifiers are necessary to carry the signal from the keyfob to the car. If the process relies on codes, the attacker needs to capture them at the moment the owner deploys them.
None of these constraints pose a problem for professional car thieves, though, as they can use relay boxes to amplify the signal from the keyfob inside the house to the car in the driveway; if the entry system relies on codes, thieves can intercept them when the owner unlocks the car and use them at a later time.
If your car uses the passive keyless entry system, keep the keyfob in a pouch that blocks the signal, also known as a Faraday bag.
Image credit: Arcaion