Technological advances provide us with countless conveniences in our daily lives. The mobile phone has become an indispensable tool for our day to day and we use many of the functionalities that it offers us for aspects related to mobility. However, along with all these advantages, new risks have also arisen that we have to face.
One of the most alarming dangers is car theft by exploiting the information stored on our mobile devices. Hackers have found in the connectivity systems of modern vehicles a way to perpetrate all kinds of crimes. By exploiting vulnerabilities in wireless networks, criminals are able to remotely access the electronic systems of our cars and take control over them.
Let's go over some of the technology-based methods thieves use to steal cars.
Not even Tesla, the technological giant that in turn is the world's largest manufacturer of electric cars, has managed to escape the urpes of hackers, as we saw in an information published some time ago in Moveo. Its keyless system (without a key) that functions as a smart key was exposed when the hacker managed to intercept the frequency of the remote control and start a Tesla Model 3.
Through its social networks, the National Police warns of this practice used by criminals. In a video posted on TikTok, a body agent advises that when closing the car with the remote control we make sure that the doors have been closed, lest someone have prevented it by activating a frequency inhibitor.
Facial recognition is a technology capable of identifying or verifying a person through an image. Although it is considered a safe tool and is more and more widespread, it has some concerns in terms of security and privacy. The British consumer organization Which? has discovered that certain models of Android phones with facial recognition technology can be easily fooled by printing out a photo.
Some vehicles use this technology to identify and recognize the facial features of drivers and passengers. Although, in principle, the system should serve to prevent unauthorized access to the car, the vulnerability presented by certain Android mobiles indicates the opposite. Some car models even allow the unlocking and starting of the vehicle through facial recognition of the owner.
In the digital world, cybercriminals are always one step ahead of technology and find new ways to commit misdeeds. One of the methods hackers use to break smartphone security mechanisms is called 'BrutePrint'. It consists of executing brute force attacks to decipher fingerprints and circumvent user authentication mechanisms. In this way, hackers manage to take control of the mobile.
If the mobile phone is linked to the car system, the vehicle is no longer invulnerable. Using this technique, hackers manage to circumvent the smartphone's protection system, which does not record failed attempts. By being able to make as many attempts as they want until they find the image of the car's owner's fingerprint, criminals find a free hand to unlock the vehicle.
The method of stealing a car through the headlights with a fake Bluetooth speaker posing as a key was denounced by Ian Tabor, owner of a Toyota RAV4. This London-based cybersecurity specialist explained in April that one morning he found the front of the car damaged and the headlight wiring connector torn off. Although he believed that it was an attempt to steal the car's lights, two days later he verified that the operation hid the preparations for a robbery: the vehicle was no longer parked there.
Thanks to his training, Tabor was able to pull the thread until he found the key to the operation. The hackers had accessed the CAN Bus network through the headlights, the protocol that allows communication between microcontrollers and devices in the latest generation cars. Using a device disguised as a Bluetooth speaker that masquerades as a key, the hackers finally stole the car without arousing suspicion.
