Vote for the Tech CARS Awards deadline is 1/31.

Warning: Double Device Relay Key Fob System Hack for Thieves to Steal Your Car

MysteryDeviceInfographic-PhotoVersion-Final-11316Watch out – drivers with electronic key fobs! Car thieves are using a system to collect your key fob signal, save it and use it later. It’s called a “relay attack unit or box.” People who park their cars outside their homes on public streets can have their key fob signals copied and saved then amplified to gain access to the vehicle.

Thieves take the code send it to the signal booster, then the booster works on the car to open the doors or start the vehicle. If you have a key fob it can be copied and used by thieves, says Tim Dimoff, President of SACS Consulting and Investigative Services who reports that the two box system copies the codes and then sends it to another person further away.

To secure your car don’t use the key fob to lock it or unlock it, the signal can be copied. Use the button on the door to lock the car and read your car manual to see if standing near the door wit the fob and then tapping the button on the door will unlock your car. To be extra sure you can use a steering wheel or pedal bar lock on the vehicle.

As we reported earlier if you live near a public street, you can keep your key fob in a tin, Faraday bag or the the freezer. It will block the signal from going out into the street.

“The fact that thieves can not only open the car but start it is very frightening,” said Roger Morris from the National Insurance Crime Bureau (NICB) The devices have been tested on 35 cars and 18 vehicles were vulnerable.

Last year in December NICB reported in a series of unscientific tests at different locations over a two-week period, 35 different makes and models of cars, SUVs, minivans and a pickup truck were tested. NICB partnered with NICB member company CarMax, because they are the nation’s largest used car retailer and have nearly every make and model in their inventory. Tests were also done at a new car dealership, an independent used car dealer, at an auto auction and on NICB employee vehicles and ones owned by private individuals.

The NICB was able to open 19 (54 percent) of the vehicles and start and drive away 18 (51 percent) of them. Of the 18 that were started, after driving them away and turning off the ignition, the device was used to restart 12 (34 percent) of the vehicles.

NICB reports different devices are offered for sale to thieves. Some use different technology and may work on different makes and models and ignition systems. More expensive models may have a greater range and better capabilities for opening and starting a vehicle.

While there may not be an effective way of preventing this kind of theft at this time, NICB advises drivers to always lock their vehicles and take the remote fob or keys with them. Drivers should also be on the lookout for suspicious persons or activity and alert law enforcement rather than confronting a possible thief.

It’s also a good idea to never invite a break-in by leaving valuables in plain sight. And once thieves get inside, they can easily steal a garage door opener and valuable papers such as the vehicle registration that could lead them to your home. So take the garage door opener with you and take a picture of your registration on your cell phone rather than keeping it in the glove compartment.

This hack is different from the Nick Bilton, signal amplifier hack, where the signal of the key fob is amplified to open car door to steal expensive goods inside the car.

This is not the only way to hack into cars, Hacker/researcher George Hotz who was stopped from testing his self-driving autonomous car system, released a car reverse-engineering tool/hacking device, panda for $99.00.  Comma.ai, a company founded by Hotz, is offering software and hardware so that developers can use it to create their own car hacks and or see how car software operates.

Using of the cabana, hackers can reverse engineer the raw CAN messages from a Honda with a live USB connection to panda. There is even a deeper hacking device called giraffe that pulls signals from the the advanced driver safety systems and radar.

Read original report.