The Register® — Biting the hand that feeds IT

Feeds

Police 'stumped' by car thefts using electronic skeleton key

Appeal for the public's help

By Iain Thomson, 6th June 2013
135

Supercharge your infrastructure

Police in California have admitted they are baffled by a series of car thefts where robbers use a small hand-held electronic device to unlock supposedly secure car-locking systems.

"This is bad in the sense we're stumped," Long Beach deputy police chief David Hendricks told NBC. "We are stumped and we don't know what this technology is."

The police force has taken the unusual step of releasing video of two recent car break-ins in the southern California town by robbers using the device, which resembles an electronic key fob. In both cases the device unlocks the passenger side door and appears to disable the alarm system, allowing the thieves to rummage through the car but not drive it off.

Hendricks said that the force has been in discussions with car manufacturers and mechanics to try and find out what the device is, but so far have had no luck and are appealing to the public for information.

"This is really frustrating because clearly they've figured out something that looks really simple and whatever it is they're doing, it takes just seconds to do," said security consultant Jim Stickley. "And you look and you go, 'That should not be possible'."

Cracking electronic car keys is perfectly possible. Back in 2011 a Swiss team of researchers opened and started cars from eight different manufacturers using inexpensive hardware.

The team positioned one aerial next to the target car and another within eight meters of the car key itself. By transmitting data between the two using both wired and wireless communication the car could be unlocked and disarmed.

More recently, El Reg reported last year on a $30 kit that can be used to hack cars using the On-board diagnostics (OBD) computer system. The system was being used in Britain to scan and copy key fobs for high-end BMW vehicles.

This latest device looks like it could be somewhat similar, but it's not known if the car thieves staked out the two robbed Long Beach cars in the police video to copy their owner's keys, or if this new device is the car robber's dream: a universal access key that works on most models.

California police have advised motorists to empty their car of all valuables at night – including garage door openers that could be used to burgle a property. ®

5 ways to prepare your advertising infrastructure for disaster

135 Reader Comments

Whitepapers

5 ways to prepare your advertising infrastructure for disaster
Being prepared allows your brand to greatly improve your advertising infrastructure performance and reliability that, in the end, will boost confidence in your brand.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Email delivery: Hate phishing emails? You'll love DMARC
DMARC has been created as a standard to help properly authenticate your sends and monitor and report phishers that are trying to send from your name..
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Email delivery: 4 steps to get more email to the inbox
This whitepaper lists some steps and information that will give you the best opportunity to achieve an amazing sender reputation.
Search more Resources

More from The Register

next story
Chaos Computer Club: iPhone 5S finger-sniffer COMPROMISED
Anyone can touch your phone and make it give up its all
147
Hardbitten NYC cops: Sir, I'm gonna need you to, er, upgrade to iOS 7
Yes, really
84
Hundreds of hackers sought for new £500m UK cyber-bomber strike force
Britain must rm -rf its enemies or be rm -rf'ed, declares defence secretary
49
NSA in new SHOCK 'can see public data' SCANDAL!
What you say on Twitter doesn't stay on Twitter
82
UK's Get Safe Online? 'No one cares' - run the blockbuster ads instead
Something like Jack Bauer's 24 ... whatever it'll take to teach kids how to bat away hackers
42
Would you hire a hacker to run your security? 'Yes' say Brit IT bosses
We don't have enough securo bods in the industry either, reckon gloomy BOFHs
30
Sweet murmuring Siri opens stalker vulnerability hole in iOS 7
'Siri, hand over my contacts and history now…'
25
Yahoo! Pays! Paltry! $12.50! Bug! Bounty! For! Nasty! Email! Vuln!
And even that had to be spent on Yahoo! tat
17
Facebook allows full personal data ransack with Graph Search
Posts, updates, the lot. Our ad sales will boom. Mwu-ha-haaaa ... bitch
25
London schoolboy cuffed for BIGGEST DDOS ATTACK IN HISTORY
Bet his parents wish he'd been playing computer games
36
prev story