Hackers Stole A £60,000 BMW

Doing little more than holding a bag up to the front door of a house a thief can steal a BMW.

Days after a Mercedes was said to have been taken in a similar way, a £60,000 BMW X5 vanished from its owners’ drive as they slept. The thieves were caught on CCTV using some sort of transmitting device inside the bag which is thought to extend the signal from the car’s keyless fob which was inside the house. 

How does the Technique Work?

Criminals stand near houses with a device that picks up the signal of the car key and relays it to an accomplice standing near the car with another transmitter, which unlocks and starts the vehicle.Drivers have been advised to take precautions such as turning off the fob’s radio signal, achieved on Mercedes cars by clicking it twice, or storing it in a metal-lined container.   

The car uses a keyless start system meaning it can be unlocked simply by having the fob close by. Both vehicles were stolen in Essex, prompting fears a gang is targeting new ‘keyless’ cars with high resale values.

Security expert Ray Anderson, whose firm covers Essex, said it was the fourth such theft he had heard of in the last four months. He warned the only way to protect against it may be to keep key fobs inside a metal box. There has also been advice to keep them in the fridge.
‘The metal blocks the signal,’ said Mr Anderson, of Classic Security Solutions. ‘We think these keyless fobs continually emit a signal. You can turn them off but most people don’t.
‘We think, from analysing CCTV, [the thieves] are using a device to extend the signal which makes it appear the fob is closer than it is.
‘Nothing special is required to use it. This whole thing was over in five minutes and there is not much chance of them getting it back.’

The owners were asleep when the car was stolen from their driveway at around 2am on April 4. They only realised it had gone the next morning. They did not want to be identified but have released the CCTV footage from their security cameras to warn others.

They said: ‘We are extremely concerned our BMW could be stolen in this way. We see this as a significant security breach.’ In the CCTV, two men can be seen sprinting towards the house. One goes to the car door while the other, holding a bag, stands by the front door of the house.

One of the men can then be seen moving the bag around outside the front door, apparently trying to detect a signal. Moments later, the car lights come on and the two men are inside and away. CCTV also showed the £35,000 Mercedes C220 being taken from a driveway in Grays on April 11. In this case the thieves went through a similar routine, with one man waving a bag near the wall of the house.

The car owners said the fob was stored at the back of their home, far from the drive. 

But they believe the thieves managed to hack it and extend its reach. Keyless vehicles do not have traditional ignition keys, instead coming with a plastic fob that contains a computer chip and security code.
When the fob is nearby, the code is detected by the car’s computer, allowing the driver to start the engine at the press of a button.

It is thought that thieves could be using a ‘relay’ strategy with a pair of radio transmitters. One gets as close as possible to the key fob inside the house by holding a transmitter close to the wall. The second holds his device by the car door. The devices relay a signal to unlock the vehicle.
Mercedes said it was not aware of any thefts relating to keyless start systems and said all its vehicles had extensive security systems.

A BMW spokesman said it was hard to tell from looking at stills of the theft how the car was stolen. He added: ‘This form of theft would appear to be extremely rare.’

An Essex police spokesman said: ‘We take car theft seriously and use a range of tactics to detect this.’ 

DailMail:

You Might Also Read:

Hackers Could Turn Off Your Car Engine – While You Are Driving:

Older Cars Can Connect To Modern Smartphones:

Twelve Things To Know About Self Driving Cars:

 

 

« NATO Cyber War Games 2017: Czechs Win
Cybersecurity Has A Metrics Problem »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Black Duck Software

Black Duck Software

Black Duck Hub allows organizations to manage open source code security as well as license compliance risks.

PortSwigger

PortSwigger

PortSwigger's Burp Suite is an integrated platform for performing security testing of web applications.

Cyber Security Recruiters

Cyber Security Recruiters

Cyber Security Recruiters is a niche recruiting firm who finds impact players for our clients in the Information Security Space.

GovCERT Austria

GovCERT Austria

GovCERT Austria is the Austrian Government Computer Emergency Response Team. Its constituency consists of Austria's public administration.

Corsa Security

Corsa Security

Corsa Security is leading the transformation of network security with a private cloud approach that helps scale network security services with unwavering performance and flexibility.

Polyrize

Polyrize

The Polyrize continuous authorization platform for SaaS and IaaS stops tomorrow's public cloud cyber threats, today.

Blockchains LLC

Blockchains LLC

Blockchains is committed to changing the world for the better. Using blockchain and other innovative technologies, we’ll build new systems, new security, and new interactions.

TAC Security (TAC Infosec)

TAC Security (TAC Infosec)

TAC Security (aka TAC Infosec) is a leading and trusted cyber security consulting partner that specializes in securing the IT infrastructure and assets of enterprises.

Internetwork Defense (IND)

Internetwork Defense (IND)

Internetwork Defense is a premier provider of Information Security Training and Business Consulting Services in the Mid-Atlantic region.

Cyphra

Cyphra

Cyphra’s team provide cyber security consulting, technical and managed services expertise and experience to support your organisation.

NetRise

NetRise

NetRise was founded as a direct result of the many shortcomings currently in the device security market, specifically targeting the firmware of devices.

Silent Circle

Silent Circle

Silent Circle is the leader in end-to-end enterprise solutions for secure mobile communications.

Haiku

Haiku

Haiku stands at the forefront of cybersecurity upskilling, leveraging video games to immerse you in a flow state for accelerated, enduring learning.

CODA Intelligence

CODA Intelligence

CODA's AI-powered attack surface management platform helps you sort out the important remediations needed in order to avoid exploits on your systems.

Abissi

Abissi

Abissi offer cyber intelligence, IoT security, automotive security, red teaming, application security and artificial intelligence security services, with a focus on security by design.

Rakuten Maritime

Rakuten Maritime

Rakuten Maritime is your trusted partner in maritime cybersecurity, offering comprehensive and proactive solutions tailored to every stage of a ship’s life cycle.