Fun
The Rising Threat of Bluetooth Relay Attacks on Cars: How Thieves Are Using Technology to Steal Vehicles
In recent years, car theft has evolved from brute force to sophisticated technological hacks. One prominent method is the Bluetooth relay attack, where thieves use signal relay devices to extend the Bluetooth connection range of a car owner’s smartphone. Here’s how it works, which cars are vulnerable, and what you can do to protect your vehicle.
How Bluetooth Relay Attacks Work
Modern vehicles, like Tesla, rely on Bluetooth signals from the owner’s smartphone to enable keyless entry and ignition. Thieves exploit this by using relay devices to intercept and amplify these signals. With one device near the owner’s phone (even inside a building) and another close to the vehicle, they effectively fool the car into thinking the owner is nearby, allowing them to unlock and start it.
If you’d like to see this method demonstrated, check out this video showing a relay attack on a Tesla (starting at 8:49). This example highlights how simple it is for hackers to carry out this attack, using just a few devices to amplify the phone’s signal and gain access to the vehicle.
Which Cars Are Vulnerable?
Tesla is well-known for its use of Bluetooth-based digital keys, especially in the Model 3, Model S, Model X, and Model Y. However, it’s not the only manufacturer offering this technology. BMW, Hyundai, Genesis, Lincoln, and Volvo also have models that use Bluetooth or NFC digital key technology, often integrated with smartphone apps:
- BMW offers the BMW Digital Key, available on models like the 3-Series and X5, allowing unlocking and starting via smartphone NFC compatibility (Kbb.com).
- Hyundai and Genesis use NFC in their Sonata and Genesis G80, which can be managed through their apps. They are also adding compatibility with Apple’s CarKey feature (MotorBiscuit).
- Lincoln’s “Phone As A Key” technology, available on the Aviator and Navigator, allows Bluetooth-based access to the vehicle. It works even in areas with poor network coverage, such as underground garages (AutoKnowledge).
- Volvo offers digital key capabilities on models like the XC40, enabling remote access and the ability to share digital keys with others through their Volvo On Call app (AutoKnowledge).
As digital key technology grows in popularity, it’s important to remember that these systems, while convenient, can be vulnerable to relay attacks if not adequately protected. Manufacturers are addressing these risks with security enhancements such as ultra-wideband (UWB) technology, as seen in some BMW models, which helps prevent unauthorized signal relay (MotorBiscuit).
Steps to Protect Your Vehicle
- Disable Passive Entry: Check your car’s settings and disable passive or keyless entry when not needed.
- Use a Signal Blocking Pouch: These pouches, often called Faraday bags, block Bluetooth and other wireless signals, making it difficult for thieves to relay signals.
- Regular Software Updates: Ensure your car’s software is up-to-date, as manufacturers often release patches to address security vulnerabilities.
- Use CarLock for Added Security: CarLock offers real-time monitoring and alerts for suspicious activities. With features like GPS tracking and notifications for vibration detection, engine started and vehicle moved, CarLock provides an extra layer of protection, notifying you immediately of any unusual movement or tampering with your car.
Conclusion
As car theft tactics become more advanced, so too must our security measures. Understanding which vehicles are vulnerable to Bluetooth relay attacks and taking proactive steps, like using CarLock and keeping passive entry features off when not in use, can help car owners protect their vehicles from becoming easy targets. By staying informed and implementing additional security measures, you can enjoy the convenience of digital keys without compromising on safety.