Although manufacturers claim that luxury cars have the best security measures, an ethical hacking researcher intends to prove otherwise by using a device he developed himself. Its creation is capable of opening any car with keyless opening and ignition system (FOB technology), exposing multiple luxury car models to theft.
What is the attack?
Instead of using a key, these cars use an authentication device to open their doors and start the engine using a lightweight wireless signal. How does the method discovered by this hacker work? The device picks up the low-frequency wireless signal that closed cars often emit to detect when the owner’s control (frequency button) is nearby.
The device then relays that signal at a higher frequency through a device other than the size of a laptop, which has the ability to send it over long distances, according to the ethical hacking specialist.
By using this, the laptop-sized device connects to the legitimate owner’s control of the car, creating a kind of bridge to connect to the car and open the doors. Once inside the car, the perpetrator can use the same method to start the engine and drive the vehicle or, in other words, steal the car.
The investigation is not intended to steal luxury cars, he says
The ethical hacking specialist, known under the EvanConnect alias, states that his intentions are not criminal: “I can honestly say that I have not stolen a single car with this method, although they can be sure that this would be very easy. Still, I have no intention of doing so, why would I get my hands dirty when I can just sell this technology to others? “.
The specialist claims to have created two versions of the device, one of 9 thousand dollars and one of 12 thousand dollars. The most expensive version works to open luxury cars from manufacturers such as BMW, Audi, Mercedes Benz, among others. Maybe now you should feel lucky to have a less sophisticated car.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.