A number of cars have been identified as the most vulnerable to have their key fobs hacked in ‘keyless’ car thefts. The method involves using two relatively-cheap devices to ‘trick’ a vehicle into thinking its entry fob is nearby. Art Dahnert, Managing Consultant at Synopsys commented below.
Art Dahnert, Managing Consultant at Synopsys:
“A relay box is used to capture and re-transmit the radio signals of a modern vehicle key in order to fool the vehicle into thinking that the key is in near proximity to the vehicle. Often the key is far enough away from the vehicle when the owner parks it and goes inside a building, such as his house, that the vehicle can’t be opened or started. What a relay box does is make it seem to the vehicle that the key is near enough or next to the vehicle in order to open the driver’s door. On some new models, the RKE (Remote Keyless Entry) system that the vehicle uses for entry and vehicle starting only require the key to be within a small radius of the car, usually only a few feet.
“Typically, two parts of the “Relay Box” are required, the component that captures and transmit the signals from the key and it’s corresponding component that works within the vehicle’s RKE entry radius. An individual will try to get close to the key in the building or house, usually by the front door or window, since most owners keep their keys by the front door or hall way. Another individual will remain close to the vehicle trying to get as close to the RKE controller’s antenna. A lot of the specifics for the attack will depend on how powerful the “relay box” is, which means that a powerful transmitter/antenna combination in the two components will allow more flexibility in the distances involved during the theft. This attack allows you to enter and drive off with the vehicle, however depending on the design of the vehicles system it may not allow you to restart it. Unfortunately, the vast majority of models allow a restart to happen.
“The best way to prevent this type of attack is to use a steering wheel lock or an additional type of immobiliser, usually found in aftermarket alarm systems. Another way to prevent this attack is to block the key signals using a Faraday bag or box. This is where you’d store your keys when they are not in use. In reality any metal container that prevents the radio signals from being captured will work, some people even suggest the family freezer. “
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.