The Berlin-based automobile club ADAC has released a study that found thieves can use a $200 signal booster to fool cars into thinking their owners are nearby, which allows them to unlock the doors and even start the engine. Of the 24 models they found vulnerable to this simple attack, this also allowed the engine to stay running even after the vehicle had been driven outside the range of the transmitter.
The researchers shared a link to a video that shows this attack actually used by a group of thieves.
Security researchers have been able to take over cars remotely because automakers don’t always do a good job at limiting how car systems interact with wireless communications. What’s more, even cars that aren’t internet-enabled can be taken over via third-party devices that introduce connectivity, such as through the diagnostics port.
I is a bad idea to have an expensive car stolen because of vulnerable key fobs.