Stolen Car Mystery Solved: Smartphones Allow Thieves To Remotely Unlock and Start Cars | Ron Benvenisti

If you have seen the numerous TLS videos of cars being stolen very quickly you may have watch them very closely. The robbers will look at the windshield (or may have looked at the windshield earlier or in another location) to obtain the VIN number which is all they need to steal the car.

Given the recent uptick of stolen vehicles cybersecurity researchers have discovered a security vulnerability that exposes cars from Acura, BMW, Honda, Hyundai, Infiniti, Jaguar, Land Rover, Lexus, Nissan, Subaru, and Toyota to remote attacks through a connected vehicle service provided by SiriusXM.

SiriusXM’s Connected Vehicles (CV) Services are said to be used by more than 10 million vehicles in North America.

The issue could be exploited to unlock, start, locate, and honk any car in an unauthorized manner just by knowing the vehicle’s vehicle identification number (VIN), which is displayed under the front window of every car.

The system is designed to enable a wide range of safety, security, and convenience services such as automatic crash notification, enhanced roadside assistance, remote door unlock, remote engine start, stolen vehicle recovery assistance, turn-by-turn navigation, and even integration with smart home devices like thermostats, alarm systems and more

A separate vulnerability affects Hyundai and Genesis to remotely control the locks, engines, headlights, and trunks of the vehicles made after 2012 by using registered email addresses.

The MyHyundai and MyGenesis can be easily hacked to get around the email validation step and seize control of a target car’s functions remotely.

SiriuxXM and Hyundai have since rolled out patches to address the flaws.

On a side note, hackers are now exploiting the infrastructure powering electric vehicle (EV) charging, to skim credit card data, alter pricing, and even hijack an entire EV charger network.

This content, and any other content on TLS, may not be republished or reproduced without prior permission from TLS. Copying or reproducing our content is both against the law and against Halacha. To inquire about using our content, including videos or photos, email us at [email protected].

Stay up to date with our news alerts by following us on Twitter, Instagram and Facebook.

**Click here to join over 20,000 receiving our Whatsapp Status updates!**

**Click here to join the official TLS WhatsApp Community!**

Got a news tip? Email us at [email protected], Text 415-857-2667, or WhatsApp 609-661-8668.

5 COMMENTS

  1. You can cover your VIN number from inside the car. If you slip a small paper between dashboard and windshield under the inspection sticker area. Some cars have the VIN etched in each window tho

    • In New York you can get a summons if you cover the VIN number, I have a friend that it happened to. Also I think the NYS registration sticker has the VIN number on it too. So no help there 🙁

  2. This may be a nice theory,but it does not explain how they steal other makes of vehicles. They can have key fob signal extender devices or similar.

  3. I have a GMC conected using connected services by Sitius XM although its true that you can start the car using the app you CAN NOT drive the car unless key fob is in the car if you try the car will shut done. Secondly you can not access the car just by using the VIN. So not sure were you get your information from, but please do more research in the future.

  4. I had my car stolen without any broken windows or ignition, police found it intact in a bad neighborhood a few days later. my mechanic told me that at that time my make of car was being stolen often, and they caught one of the thieves and he admitted to having a master key. this was 18 years ago though, in Baltimore. Not sure if the same trick is possible today.

Comments are closed.


© Copyright | The Lakewood Scoop. All Rights Reserved