Car thieves have come up with yet another way to steal your car, and this one is rather creative, according to Yahoo News.
Referred to as “headlight hacking,” experts at Automotive Labs warn that it is a bit more complicated.
The method of theft begins at your car’s headlight module, but the only reason thieves have chosen this point of entry is because it offers them the easiest way to get hooked into a vehicle’s Controller Area Network (CAN) bus system.
For those unfamiliar, the CAN bus system of a vehicle is the method by which the numerous engine control units throughout a modern vehicle communicate with each other. Thieves are using this central nervous system to their advantage by executing an attack referred to as “CAN injection.”
Someone has developed a tool (disguised as a JBL Bluetooth speaker and sold on the dark web) that when wired into a vehicle’s control CAN bus, can impersonate the vehicle’s key fob.
The good news: a thief trying to steal a car this way will need to do some real work to get it
The vehicle used as an example is a current-generation Toyota RAV4, but it’s vital to note that this vulnerability is not specific to any particular OEM or model — this is an industry-wide problem at the moment.
Thieves are pulling bumpers and trim pieces away from a vehicle, which allows them access to the CAN bus near the headlight connector.
Much of a vehicle’s CAN bus systems will be found hidden deep inside a car, but since modern headlights are so smart these days, they require their own ECUs, which means they’re going to be wired into the whole car’s CAN bus system.
Once thieves find the correct wires to tap into, the theft device does the work for them. A simple “play” button on the fake JBL speaker injection tool is programmed to instruct the door ECU to unlock the doors, as though you have the actual key to the car in your hand.
You turn the vehicle on in a similar fashion, and a thief can simply drive away with your car without ever coming into contact with the vehicle’s actual key fob.
As of this article’s publishing, there isn’t a great defense against this sort of theft. On the good news front, a thief trying to steal a car this way will need to do some real work to get it.
Ripping off body panels takes time, and so does wiring into the car. Basically, a thief would need to have uninterrupted access to your vehicle in a private area to make it work. Additionally, Dr. Ken Tindell of Canis Automotive Labs suggests that fixes for the problem are possible.
The initial fix he suggests automakers roll out would be a software update that recognizes the sort of activity on the CAN bus systems that this injection tool sends out.
This could thwart the tool in the short term, but Lindell believes that thieves will find a way around it in the long term.
As for a permanent fix, Lindell believes that a “Zero Trust” approach to CAN bus systems is the only way to go. Every message from one ECU to another would need to be encrypted and carry authentication codes that can’t be spoofed.
To read more, click here