fbpx

Vision Invasion: Car thieves using Bluetooth speakers to steal cars through headlights, says digital security expert

A Toyota in the midst of a suspected CAN injection theft attack over several months. Photo by Ian Tabor/Twitter

Toronto, Ontario — Car hackers are evolving and they’re coming for your headlights—literally.

According to at least one security expert, car thieves have discovered a way to enter a vehicle’s internal computer network through the headlights, connecting the vehicle’s CAN bus system and creating a false duplicate of the vehicle FOB.

Loyal readers with a sense of déjà vu may recall that this line of attack is nearly identical to our previously reported FOB relay attack, with the wireless transmission of a real FOB’s signals being replaced by a hacker directly plugging into the vehicle via the headlights.

Ken Tindell, chief technical officer of Canis Automotive Labs details his investigation into what been dubbed the CAN injection keyless car theft, referencing photos taken by a friend venting on social media about an apparently vandalized car with the “front bumper and arch trim pulled off,” along with the “headlight wiring plug (which) had been yanked out.”

This progressed a few months later with the headlight being completely unplugged, followed by the car driving away a few days after.

Tindell explains this has become an emerging trend among car thieves, where the prospective hacker uses an emergency start system disguised as a Bluetooth speaker, plugs it into the vehicle’s headlights and programs the vehicle’s electronic control unit to open the door or begin driving.

Tindell elaborates that these systems are commercially available on the dark web, with brand-specific techniques being actively discussed on forums, hinting at the scale of this problem.

According to Autoblog, there are no immediate countermeasures against this type of attack. However, it does require the thief to remove body panels and gain access to the vehicle’s wiring, meaning that physically securing the vehicle might be the only option for now.

Finally, be careful if you notice tampering or damage to the trim and body panels around your headlights—it might be anything from vandalism to a planned theft in progress.

For Tindell’s technical deep-dive, click here.

 

SHARE VIA:
Facebook
LinkedIn
Twitter
Email

Sign-up for the Collision Repair daily e-zine and never miss a story –  SUBSCRIBE NOW FOR FREE!

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Arslan Accuvision
PlayPlay
Fix Conference
PlayPlay
Fix Canada Conference
PlayPlay
previous arrow
next arrow

Recent Products

Recent Posts

Stay on top of the latest INDUSTRY news and trends by subscribing to our daily e-zine!

Our other sites

Our other sites

Days
Hours
Minutes
Seconds