SAPD: Car thieves using technology to hack key fobs, steal vehicles

Newer model vehicles with push button ignition most vulnerable to relay attack

By Tim Gerber - Reporter/Anchor

SAN ANTONIO - San Antonio police officers are warning citizens of a recent increase in vehicle thefts and burglaries on the Northwest Side, and in some cases, they think the thieves are using technology to hack their way in.

It's called a relay attack, and it uses a vehicle's wireless key fob to gain access by stealing the low-frequency radio signal the fob transmits.

It's not a new crime. Crooks in Europe have been doing it for several years. American law enforcement agencies began seeing similar thefts occur as far back as 2013.

Now, the San Antonio Police Department says it's happening here.  

Officers with SAPD’s SAFFE unit have been using social media to warn residents in the Prue service area about thieves using a vehicle's key fob to break into and in some cases even steal the vehicle.

"We've just seen criminals using a device to walk up to the car and somehow through the low radio frequency, checking to see if the fob is accessible," said Officer Alisia Pruneda. "If it is, then they're making entry into the vehicle through this device and taking the car that way."

There's no broken glass left behind, often leaving the owner confused unless they have a surveillance camera that catches the thieves in action. Pruneda said they have at least one crime caught on camera but they are aware of other similar thefts in recent months.

The way the attack works, the thieves don't even need the key. They can steal the signal from a key inside a home and use it to open the vehicle and take it.

"It's made to be convenient, and the technology is amazing. It's also quite accessible for criminals to find a way to get in through this device that they use," Pruneda said.

Here's how it works: The attackers grab the radio signal being transmitted by a key fob nearby using a receiver. The receiver amplifies and relays the signal to a second device, which, when held in close proximity to the target vehicle, allows the thief to unlock it and in some cases even start the engine.

While SAPD wasn't able to share any video of a local theft, several have been caught on cameras across the country in recent years. Investigators in California were stumped by a 2013 theft that showed two men using what investigators called a "mystery device" to unlock the car. Another California man used a similar device in 2015 to steal an expensive bike from a parked SUV in broad daylight. Earlier this year in Florida, investigators believe two suspects caught on camera were attempting to use the same technology, but it failed to work on any of the vehicles they targeted.

The National Insurance Crime Bureau has been tracking these thefts since 2014.

"A car is basically a computer on wheels, and if you know how to hack into the system and can attack that system, that's what the thieves want to do," said Roger Morris, chief communications officer for NICB. "If a professional thief wants to steal your car bad enough, they're going to get it, one way or the other. This device makes it a little easier for the modern-day car."

In 2016, the NICB conducted an unscientific test on 35 different makes and models using a relay device they bought online.

"We were able to start it on over half of the vehicles we tested and then drive off in all but one of those we tested it on," Morris said. "This only works on keyless remote cars with a push button start, and it basically takes the place of the fob. It's a concern, and obviously it functions and works pretty well."

The device they tested costs between $4,000 and $5,000 but they've seen some on the dark web sell for as much as $60,000.

"If you take that money and target vehicles that you know it will open, and these are newer models, 2016, '17, '18's, you steal one car and that's a lot of money," Morris said. "Anybody that has a good grasp of hacking and computers and can make things can probably make one of these homemade. I mean it's scary, how easy it seems to be able to make these devices."

Morris said car manufacturers are aware of the problem and are working on solutions, but owners can take some simple precautions, like storing your fob in a special key pouch that can block the signal and keeping the key farther away from the vehicle, if possible.

"The proximity in which you need your keys is something that I think people need to understand, that it is a way for criminals to still be able to get into the car," Pruneda said.

Another simple way to protect against these attacks is to block the radio signal by wrapping the fob in tinfoil. You can also check your vehicle's owner manual. Some newer cars allow you to deactivate the fob to lessen the chances of this happening.

SAPD is still looking for the suspects involved in the recent thefts using this technology, but they said a bigger problem is people leaving their key fobs in their car, or worse, leaving the car unlocked. 

If you have home surveillance of suspicious activity, even if it's just people prowling around your home or car, you are urged to share it with SAPD so they can attempt to identify the suspects.

Copyright 2019 by KSAT - All rights reserved.