Hackers Stole A £60,000 BMW

Doing little more than holding a bag up to the front door of a house a thief can steal a BMW.

Days after a Mercedes was said to have been taken in a similar way, a £60,000 BMW X5 vanished from its owners’ drive as they slept. The thieves were caught on CCTV using some sort of transmitting device inside the bag which is thought to extend the signal from the car’s keyless fob which was inside the house. 

How does the Technique Work?

Criminals stand near houses with a device that picks up the signal of the car key and relays it to an accomplice standing near the car with another transmitter, which unlocks and starts the vehicle.Drivers have been advised to take precautions such as turning off the fob’s radio signal, achieved on Mercedes cars by clicking it twice, or storing it in a metal-lined container.   

The car uses a keyless start system meaning it can be unlocked simply by having the fob close by. Both vehicles were stolen in Essex, prompting fears a gang is targeting new ‘keyless’ cars with high resale values.

Security expert Ray Anderson, whose firm covers Essex, said it was the fourth such theft he had heard of in the last four months. He warned the only way to protect against it may be to keep key fobs inside a metal box. There has also been advice to keep them in the fridge.
‘The metal blocks the signal,’ said Mr Anderson, of Classic Security Solutions. ‘We think these keyless fobs continually emit a signal. You can turn them off but most people don’t.
‘We think, from analysing CCTV, [the thieves] are using a device to extend the signal which makes it appear the fob is closer than it is.
‘Nothing special is required to use it. This whole thing was over in five minutes and there is not much chance of them getting it back.’

The owners were asleep when the car was stolen from their driveway at around 2am on April 4. They only realised it had gone the next morning. They did not want to be identified but have released the CCTV footage from their security cameras to warn others.

They said: ‘We are extremely concerned our BMW could be stolen in this way. We see this as a significant security breach.’ In the CCTV, two men can be seen sprinting towards the house. One goes to the car door while the other, holding a bag, stands by the front door of the house.

One of the men can then be seen moving the bag around outside the front door, apparently trying to detect a signal. Moments later, the car lights come on and the two men are inside and away. CCTV also showed the £35,000 Mercedes C220 being taken from a driveway in Grays on April 11. In this case the thieves went through a similar routine, with one man waving a bag near the wall of the house.

The car owners said the fob was stored at the back of their home, far from the drive. 

But they believe the thieves managed to hack it and extend its reach. Keyless vehicles do not have traditional ignition keys, instead coming with a plastic fob that contains a computer chip and security code.
When the fob is nearby, the code is detected by the car’s computer, allowing the driver to start the engine at the press of a button.

It is thought that thieves could be using a ‘relay’ strategy with a pair of radio transmitters. One gets as close as possible to the key fob inside the house by holding a transmitter close to the wall. The second holds his device by the car door. The devices relay a signal to unlock the vehicle.
Mercedes said it was not aware of any thefts relating to keyless start systems and said all its vehicles had extensive security systems.

A BMW spokesman said it was hard to tell from looking at stills of the theft how the car was stolen. He added: ‘This form of theft would appear to be extremely rare.’

An Essex police spokesman said: ‘We take car theft seriously and use a range of tactics to detect this.’ 

DailMail:

You Might Also Read:

Hackers Could Turn Off Your Car Engine – While You Are Driving:

Older Cars Can Connect To Modern Smartphones:

Twelve Things To Know About Self Driving Cars:

 

 

« NATO Cyber War Games 2017: Czechs Win
Cybersecurity Has A Metrics Problem »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Firebrand

Firebrand

Firebrand is the leader in Accelerated Learning in the field of IT and project management.

Fidelis Security

Fidelis Security

Fidelis Security is a leading provider of extended threat detection and response (XDR) solutions for your security operations.

Capita

Capita

Capita is a consulting, digital services and software business, providing end-to-end enterprise IT services and solutions focused around digital transformation and innovation.

IntSights

IntSights

IntSights is an intelligence driven security provider offering rapid, accurate cyberthreat intelligence and incident mitigation in real time

Shadowserver Foundation

Shadowserver Foundation

Shadowserver Foundation aims to improve internet security by raising awareness of compromised servers, malicious attackers and the spread of malware.

Coursera

Coursera

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online. Subject areas include Computer Security & Networks.

Intertrust Technologies

Intertrust Technologies

Intertrust Technologies is a software company specializing in trusted computing products and services.

Axonius

Axonius

Axonius is the only solution that offers a unified view of all assets and their coverage, empowering customers to take action to enforce their organization’s security policies.

EvoNexus

EvoNexus

EvoNexus is a technology startup incubator with locations in San Diego, Orange County, and Silicon Valley.

Prove Identity

Prove Identity

Prove (formerly Payfone) is a leader in mobile & digital identity authentication for the connected world.

Conosco

Conosco

Conosco are industry-leading experts throughout the UK in strategic consulting, project delivery, business communications, support, and security.

FTx Identity

FTx Identity

FTx Identity is the world's most advanced age verification technology (AVT) and identity management system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Avatar Managed Services

Avatar Managed Services

Avatar offers proven, process driven IT support to companies who want to utilize their technology to their best advantage.

appNovi

appNovi

appNovi inventories everything to map the attack surface, identify missing security agents, and prioritize vulnerabilities based on exposure.

Twilio

Twilio

Twilio are the customer layer for the internet, powering the most engaging interactions companies build for their customers. We provide simple tools that solve hard problems.