Have you ever wondered how easy it is for thieves to hack into your car? In a recent experiment, Jeremiah Burton set out to discover just that by attempting to steal an $80,000 Tesla using a $20 gadget. He delves into the dark underbelly of car hacking to test the vulnerabilities of modern car security systems.
During his quest, Jeremiah comes across the concept of a replay attack, the easiest way to hack into a car. This method involves capturing the radio signal sent from a key fob to the car and then replaying it to unlock the vehicle. In an attempt to demonstrate this vulnerability, Jeremiah uses a Software Defined Radio, a device readily available on the market, to intercept and replay the signal. However, he faces obstacles such as rolling codes and the inability to start the car, leading him to explore another type of attack: the relay attack.
After delving into the world of relay attacks, Jeremiah encounters challenges in finding a device and even attempts to build one himself. Ultimately, he seeks the expertise of a security researcher, Sultan, who introduces him to a Bluetooth vulnerability in keyless entry technology, specifically affecting phones used as car keys. With a simple, inexpensive device, Sultan demonstrates how they can steal a Tesla using this method, emphasizing the need for individuals to be cautious and turn off their Bluetooth to prevent such attacks.
This experiment sheds light on the growing concerns around car security and the potential ease at which modern vehicles can be hacked. Jeremiah’s journey into the world of car hacking serves as a reminder for car owners to stay vigilant and take necessary precautions to protect their vehicles from potential threats.
What is a relay attack?
A relay attack involves tricking a car into thinking its key is closer than it actually is by relaying the signal. It can be compared to a wifi range extender. When the car detects the key nearby, it sends a wake-up signal to the key, and the key then sends an encrypted signal back to the car. By intercepting and relaying this signal, thieves can gain unauthorized access to the car.
What is a replay attack?
A replay attack involves capturing the radio signal from a key fob when it is used to lock or unlock a car. This captured signal can then be replayed to unlock the car without the actual key fob being present. However, modern cars use rolling codes that change with each use, making replay attacks ineffective in real-life situations.
How can car owners protect against these attacks?
Car owners can protect against relay and replay attacks by ensuring their keyless entry systems use advanced security measures such as frequency hopping, encryption, and strict latency limits. Additionally, turning off Bluetooth when not in use can prevent unauthorized access to a car’s keyless entry system.