Hacker creates a $9,000 ‘keyless repeater’ device that can wirelessly unlock any luxury car by creating an extended bridge connection to the owner’s fob without their knowledge
- A pseudonymous hacker named ‘EvanConnect’ is selling a car hacking tool
- Called a keyless repeater, it amplifies the low frequency signal from the car that allows it to communicate with the owner’s fob wherever it is
- He sells a base level model of the device for $9,000 and an upgraded $12,000 model that he claims could unlock any car with a wireless fob system
A pseudonymous hacker going by the name ‘EvanConnect’ is selling a device that will let users break into any luxury car that uses a wireless key fob system.
EvanConnect demonstrated the device, called a keyless repeater, with a video released this week.
The video shows him approaching an unattended Jeep in a parking lot and using the small handheld device with an antenna to unlock the driver’s side door of the Jeep and start the engine.
Scroll down for video
A pseudonymous hacker named EvanConnect is advertising a keyless repeater device that he claims can be used to unlock any luxury car that uses a wireless fob system
He says the car in the video belonged to a friend who gave him permission to use it, so no crime was actually committed, but he admits there’s no guarantees as to how his customers might use the device.
In an interview with Vice, EvanConnect says he sells the base model for $9,000, which works on all luxury cars except for those that use frequencies between 22 and 40 khz, such as Mercedes, Audi, Porsche, Bentley and Rolls Royce models released after 2014.
He also offers an upgraded version for $12,000 that includes coverage of even these frequencies, effectively meaning it can unlock any car that uses a wireless fob system.
Keyless repeaters are sometimes used by security firms to test vehicle defense systems so the sale isn’t automatically illicit, and EvanConnect says his interest in the technology is purely a hobby.
‘Honestly I can tell you that I have not stolen a car with technology,’ EvanConnect said.
‘It’s very easy to do, but the way I see it, why would I get my hands dirty when I can make money just selling the tools to other people.’
The device works by picking up the low frequency wireless signal that locked cars regularly emit to detect when their owner’s fob is near.
The device re-transmits that signal at a higher frequency through a separate laptop-sized device, which can send it across much longer distances.
That allows the laptop-sized device to silently connect with the actual key fob wherever it is–in the owner’s pocket or on the side table by their front door–creating a long-distance bridge that connects it to the car.
EvanConnect sells two versions of the device, one for $9,000, which works on a limited number of cars, and another for $12,000 which connects with any car that uses wireless fobs
The system works by detecting the specific low level frequency the car uses to communicate with its owner’s fob, then broadcasting that signal through a relay device that allows it to search a much larger area
The relay device can silently connect with the owner’s fob wherever it is and bridge it to the car’s door locks and ignition system, effectively tricking the car into thinking the fob is nearby
The real fob then replies to a series of challenge/response security messages to verify its authenticity, and then the car unlocks.
The same bridging process is then used to gain permission through the owner’s fob to start the motor.
Samy Kamkar, a security expert Vice asked to review EvanConnect’s footage, says the keyless repeater technology is commonly known in the field.
‘I can’t validate that the video is legitimate but I can say that it is 100% reasonable (I’ve personally performed the same attack on more than a dozen vehicles with hardware I’ve built and very easy to demonstrate),’ Kamkar wrote in an email.
HOW TO PROTECT YOUR VEHICLE FROM KEYLESS REPEATERS
Every make and model of car which can start ‘keylessly’ is susceptible to a relay attack.
While this might put drivers on edge, there are easy steps you can take to stop you becoming the next victim of a relay theft.
Certain metals are capable of blocking key signals, which means if you store your fob with one of these metals around it, criminals won’t be able to pick them up and steal your vehicle.
The most simple and most ingenious is a metal can.
The aluminum in a drinks can will stop radio signals being transmitted from your key and stop burglars in their tracks.
Some experts have suggested keeping your keys in the fridge, as the material on the inside will block signals too.
If you’re looking for a low-cost option, some people wrap their fobs in tin foil – although this isn’t endorsed by security firms.
Keeping your keys in a small metal box however can work efficiently.
Special faraday pouches — cheap wallets which shield the key’s radio signal from being transmitted — are also useful for storing your keys when you’re away from home – in motorway service stations and public car parks.
Experts also encourage drivers to keep them at least 5m away from their front door, to give thieves the worst chance of being able to relay a signal.
But some security specialists advise against hiding your car keys too obscurely in your house — because if serious criminals truly want to steal your car, they will break in and do anything to find the keys.
Old-fashioned methods like parking in a well-lit area, using a steering wheel lock and installing a proper tracking device to your vehicle are still highly recommended to keep your car safe.