Hackers Stole A £60,000 BMW

Doing little more than holding a bag up to the front door of a house a thief can steal a BMW.

Days after a Mercedes was said to have been taken in a similar way, a £60,000 BMW X5 vanished from its owners’ drive as they slept. The thieves were caught on CCTV using some sort of transmitting device inside the bag which is thought to extend the signal from the car’s keyless fob which was inside the house. 

How does the Technique Work?

Criminals stand near houses with a device that picks up the signal of the car key and relays it to an accomplice standing near the car with another transmitter, which unlocks and starts the vehicle.Drivers have been advised to take precautions such as turning off the fob’s radio signal, achieved on Mercedes cars by clicking it twice, or storing it in a metal-lined container.   

The car uses a keyless start system meaning it can be unlocked simply by having the fob close by. Both vehicles were stolen in Essex, prompting fears a gang is targeting new ‘keyless’ cars with high resale values.

Security expert Ray Anderson, whose firm covers Essex, said it was the fourth such theft he had heard of in the last four months. He warned the only way to protect against it may be to keep key fobs inside a metal box. There has also been advice to keep them in the fridge.
‘The metal blocks the signal,’ said Mr Anderson, of Classic Security Solutions. ‘We think these keyless fobs continually emit a signal. You can turn them off but most people don’t.
‘We think, from analysing CCTV, [the thieves] are using a device to extend the signal which makes it appear the fob is closer than it is.
‘Nothing special is required to use it. This whole thing was over in five minutes and there is not much chance of them getting it back.’

The owners were asleep when the car was stolen from their driveway at around 2am on April 4. They only realised it had gone the next morning. They did not want to be identified but have released the CCTV footage from their security cameras to warn others.

They said: ‘We are extremely concerned our BMW could be stolen in this way. We see this as a significant security breach.’ In the CCTV, two men can be seen sprinting towards the house. One goes to the car door while the other, holding a bag, stands by the front door of the house.

One of the men can then be seen moving the bag around outside the front door, apparently trying to detect a signal. Moments later, the car lights come on and the two men are inside and away. CCTV also showed the £35,000 Mercedes C220 being taken from a driveway in Grays on April 11. In this case the thieves went through a similar routine, with one man waving a bag near the wall of the house.

The car owners said the fob was stored at the back of their home, far from the drive. 

But they believe the thieves managed to hack it and extend its reach. Keyless vehicles do not have traditional ignition keys, instead coming with a plastic fob that contains a computer chip and security code.
When the fob is nearby, the code is detected by the car’s computer, allowing the driver to start the engine at the press of a button.

It is thought that thieves could be using a ‘relay’ strategy with a pair of radio transmitters. One gets as close as possible to the key fob inside the house by holding a transmitter close to the wall. The second holds his device by the car door. The devices relay a signal to unlock the vehicle.
Mercedes said it was not aware of any thefts relating to keyless start systems and said all its vehicles had extensive security systems.

A BMW spokesman said it was hard to tell from looking at stills of the theft how the car was stolen. He added: ‘This form of theft would appear to be extremely rare.’

An Essex police spokesman said: ‘We take car theft seriously and use a range of tactics to detect this.’ 

DailMail:

You Might Also Read:

Hackers Could Turn Off Your Car Engine – While You Are Driving:

Older Cars Can Connect To Modern Smartphones:

Twelve Things To Know About Self Driving Cars:

 

 

« NATO Cyber War Games 2017: Czechs Win
Cybersecurity Has A Metrics Problem »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Netskope

Netskope

Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data.

Joe Security

Joe Security

Joe Security specializes in the development of automated malware analysis systems for malware detection and forensics.

Secmentis

Secmentis

Secmentis is a cyber security consultancy specializing in penetration testing, threat intelligence, and proactive defense for your IT infrastructure.

Neupart

Neupart

Neupart provides Information Security Management System, Secure ISMS, allowing organisations to automate IT Governance, Risk and Compliance management.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

CloudAlly

CloudAlly

CloudAlly provides online cloud to cloud backup and recovery solutions, which backs up daily changes in your SaaS to unlimited Amazon S3 storage and makes it available for restore or export.

Center for Cyber & Homeland Security (CCHS)

Center for Cyber & Homeland Security (CCHS)

The Center for Cyber and Homeland Security at Auburn University is a nonpartisan think tank that works to develop innovative strategies to address current and future threats to the United States.

McIntyre Associates

McIntyre Associates

McIntyre Associates is an Executive Search boutique specialized in recruiting for the Cybersecurity industry. Our clients range from Venture Capital backed startups to Fortune 100 companies.

Blue Cedar

Blue Cedar

Blue Cedar's mobile app security integration platform secures and accelerates mobile app deployment for enterprises and government organizations around the world.

Trisul Network Analytics

Trisul Network Analytics

Trisul helps organizations deploy full spectrum deep network monitoring which can serve as a single source of truth for performance monitoring, security analytics, threat detection and compliance.

ECS Ethiopia

ECS Ethiopia

ECS Ethiopia provides Ethiopia’s leading institutions with top cyber-security expertise and technology to enable them to overcome risks and market barriers enabling them to grow their business.

Myntex

Myntex

Myntex® builds the future of mobile security. We empower our partners to deliver exclusive mobile endpoint security software, fortifying against mobile threats, device exploits and data exfiltration.

SecureClaw

SecureClaw

SecureClaw offers specialized cybersecurity consultation, various products, and a range of services to meet your company's business domain needs.

Novem CS

Novem CS

Novem CS are bespoke cyber security specialists providing a highly effective and specialised approach to solving your cyber security challenges.

BuddoBot

BuddoBot

BuddoBot has been a pioneering force in cybersecurity and information technology since 2008.

Redport Information Assurance

Redport Information Assurance

Redport Information Assurance is an information assurance and cyber security solutions provider offering integrated business solutions for all levels of government.