Hacker Steals, Drives Away Jaguar XFR Exploiting Flaw in Wireless System

A silver Jaguar XFR parked in a parking lot in Auckland, New Zealand was stolen with the help of a hacking device that sends out a fake signal mirroring a wireless key.

According to the CCTV footage, the hacker just walked up to the car, opened the door and drove away. This quite clearly depicts how easy it is to open cars which have a wireless system installed.

But, this is not the first time a car has been stolen like this. In 2014 alone 6000 cars have been stolen in London with this type of hacking.

What makes these hacks so simple is the availability of the hacking devices. Hacking devices for opening lock system of a car are easily available over the internet and are very easy to configure.

The manager of the dealership said:

“This guy is a professional, it’s sophisticated. It’s something that has been organised. It’s not your everyday car theft. We never heard anything and only realised an hour later … that the car was missing,” reports the NZ Herald

vulnerability-in-wireless-car-locks-make-them-easy-steal-for-hackers-2
CCTV Footage shows thief hacker stealing the JFR within seconds / Image Source: NZ Hareld.

In a country like New Zealand such crimes are very rare and it’s highly unlikely that the hacker will sell the cars or its components as it can expose his identity easily. But, why is it so easy to hack wireless locking systems? Basically, car security locks work on the authentication of the unique key provided for the car and it’s very easy for the hackers to produce a carbon copy of that key.

In spite of wireless locking system being so vulnerable to hacking, lack of reported hacks show such incidents are a rare occurrence.

However, one question still remains; how does the hacker really hack the cars? What’s the process? 

The hacking exploit begins when the attacker activates the hacking device which is both a jamming and a signal capturing device, in the vicinity of a vehicle where the owner’s first attempt to unlock the car fails due to the jamming signal used by the hacking device.

Two things have happened already. The wireless signal released by the owner’s key has been captured by the jamming and hacking contraption.

The owner’s 2nd attempt to use the keyless entry again will have the opportunistic hacker activate the car unlock from his key while the car owner thinks that he or she has unlocked it instead.

HISTORY OF VULNERABILITY IN VEHICLES: 

In the Black Hat USA 2015 session, two security researchers namely Charles Millerand Chris Valasek give a presentation about their discoveries related to the security vulnerability they found in the onboard infotainment system of all the vehicles manufactured by Fiat Chrysler Automobiles, leaving more than 470,000 vehicles vulnerable to these similar hacking attempts. 

Using this vulnerability, both of these hackers managed to remotely take control over the vehicle, which allowed them to manipulate the vehicle’s brakes, acceleration, entertainment system and what not.

Another hacker demonstrated how hackers could locate, unlock and start GM cars with a hacked mobile app and how to hack Corvette with a text message.

During the same the DefCon and BlackHat security conferences, researchers also exposed how hackers could easily exploit the vulnerabilities found within the Megamos Crypto to start the vehicle without any key, and the vulnerability could be exploited within 60 minutes!

SourceNZ Herald
 

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.