Hackers hacking Prius and other vehicles ...

Discussion in 'Other Cars' started by dslomer64, Mar 5, 2019.

Tags:
  1. dslomer64

    dslomer64 Member

    Joined:
    Oct 3, 2014
    130
    82
    0
    Location:
    Cincinnati, OH
    Vehicle:
    2006 Prius
    ... may not be news, but I found this Consumer Reports online article, "Companies Target the Next Car Hack Attack", to be interesting and wondered if the topic has been discussed to death. Searching PriusChat for "hacking" only turned up "legitimate" hacks by owners (or non-applicable hits) before my patience ran out. (I just fixed the link.)

    Excerpt:

    "Carmakers trying to stave off cyberattacks must work with their own relatively old [1980s!?] computer technology and ... long product cycles. Software companies such as Karamba, Argus Cyber Security, and Inside Secure are working with automakers to protect their vehicles....

    "Fiat Chrysler ... became the first automaker to recall cars [Jeeps] to fix a ... [vulnerability] in the vehicle infotainment system made by Harman. A federal court ruling earlier this month allowed a class-action case ... against both companies ...

    "... hackers access software in cars [at] known trouble spots... any place the car connects with the internet—such as built-in WiFi hotspots, data streams, or built-in infotainment apps."​

    Twice, in far apart locations, my 2006 Prius' alarm (horn) went off, once at home and once around 3am nowhere near home. Police informed my daughter, at whose house I was staying. She couldn't find the key so she woke me.

    I {forgot/didn't know} {where/if} {I/she/gremlins} {put/hid} it!

    It seemed a lot longer to find it than two additional minutes. It was embarrassing. If I recall, the alarm wouldn't stop even after I found the key and pressed the correct and each other button, multiple times. I might have had to start the car; another minute or two. Horn seemed to get louder with each beep.

    I don't suspect hackers. Just FYI or whatever.

    I can't tell from what I've read if software companies such as the three mentioned in the excerpt offer "anti-mal-whatever" software for us owners and, if so, who among us is using what and how.

    Feel free to point me and others to good discussion(s) on the topic.
     
    #1 dslomer64, Mar 5, 2019
    Last edited: Mar 5, 2019
  2. dslomer64

    dslomer64 Member

    Joined:
    Oct 3, 2014
    130
    82
    0
    Location:
    Cincinnati, OH
    Vehicle:
    2006 Prius
    HA! What appears to be My very first post to PriusChat tells the tale of the random beeping and it was a lot worse than described in this thread.

    P.S. It hasn't happened since.
     
  3. CooCooCaChoo

    CooCooCaChoo Active Member

    Joined:
    Jan 7, 2015
    546
    261
    0
    Location:
    Fresno, CA
    Vehicle:
    2017 Prius
    Model:
    Two
    Yeah previous generations had a vulnerability in which attackers could boost the signal of the fob from where it's stored to where your car is thus fooling your car into thinking that the fob was right next to it. Gen 4 had a much shorter range to prevent this.

    Best bet is to store the fob in a metal container that acts like a Faraday cage.
     
    dslomer64 likes this.
  4. The Professor

    The Professor Senior Member

    Joined:
    Apr 5, 2018
    456
    610
    0
    Location:
    UK
    Vehicle:
    2017 Prius
    Model:
    Excel
    You can also turn the fob off on the Gen4 by holding the lock button on the fob (this will lock the car too) and while holding it down press the unlock button twice. The red light on the fob will flash a couple of times to indicate success. The fob will now not reply to the car to indicate it's in range.

    Pressing the unlock button turns it back on (and also unlocks your car).

    I use the above trick to save the battery in the spare keys too.
     
    #4 The Professor, Mar 6, 2019
    Last edited: Mar 6, 2019
    RCO, SFO, dslomer64 and 4 others like this.
  5. Dxta

    Dxta Senior Member

    Joined:
    Nov 7, 2016
    1,828
    672
    0
    Location:
    Lagos
    Vehicle:
    2008 Prius
    Model:
    II
    Could this technique be applied to other vehicles, or its just a Prius, or Toyota thing?
     
  6. alanclarkeau

    alanclarkeau Senior Member

    Joined:
    Feb 24, 2016
    5,832
    6,403
    0
    Location:
    near Brisbane, Australia
    Vehicle:
    2016 Prius
    Model:
    N/A
    I take my spare key battery out. When it was 2 yrs old, I swapped the one I was using to become the spare. Only one driver here - the dog isn't old enough yet.
     
    RCO likes this.
  7. Dxta

    Dxta Senior Member

    Joined:
    Nov 7, 2016
    1,828
    672
    0
    Location:
    Lagos
    Vehicle:
    2008 Prius
    Model:
    II
    This is an existential threat, I'd say, if vehicles could be hacked.
    My concerns would be that, terrorists, could use the hacking technology, to cause mayhem.
    Imagine, is your Prius, or any other autonomous vehicle was used to mauled people in a crowded place like Lagos, Network, or London.
     
  8. The Professor

    The Professor Senior Member

    Joined:
    Apr 5, 2018
    456
    610
    0
    Location:
    UK
    Vehicle:
    2017 Prius
    Model:
    Excel
    The hacking issue applies to all vehicles with smart/keyless entry and start. It's a simple and very hard to defeat hack without disabling the system.

    The system works by the car sending a weak signal when you put your hand behind the door handle. If the key fob is near enough to receive it the key responds by sending the unlock transmission (as if you'd pressed the unlock button on the fob).

    All the hackers do is vastly increase the range of the system by using high gain antennas and a repeater device. They stand near your property and point a high gain antenna at your key fob, that antenna is plugged into a recording device. Another antenna is held next to your vehicle. They put their hand behind the door. The car transmits its weak signal, the recorder records it and transmits it out of the other antenna blasting the signal at your fob. It receives it and transmits the unlock code. The high gain antenna receives it and the recorder records it, then blasts it out of the antenna near your car. Effectively making a bridge between your car and your fob, tricking the car into thinking you're next to it. They repeat the same process for starting the car.

    As far as I know, all vehicles with this technology are effected. The equipment is expensive but getting cheaper. The only solutions are disabling the system (either in the car settings or via the key fobs), or keeping your keys in a Faraday bag, metal box, metal safe, microwave, etc, to completely block the signals.
     
    RCO and Dxta like this.
  9. Dxta

    Dxta Senior Member

    Joined:
    Nov 7, 2016
    1,828
    672
    0
    Location:
    Lagos
    Vehicle:
    2008 Prius
    Model:
    II
    1. The hackers don't have the owner's key close to the door handle. So how would they do this?
    Are you saying, they just need to place their hacking device close to the door?
    2. Totally disabling it you, removing the key fob battery itself, or what?
    3. Thanks for clarifying.
     
  10. alanclarkeau

    alanclarkeau Senior Member

    Joined:
    Feb 24, 2016
    5,832
    6,403
    0
    Location:
    near Brisbane, Australia
    Vehicle:
    2016 Prius
    Model:
    N/A
    Or hope they pick someone else's car.

    As far as terror incidents are concerned - that's a real issue I've heard on a few PODCASTs relating to Autonomous Vehicles - and they're working hard to get around it.
     
  11. Colin Jones

    Colin Jones Member

    Joined:
    Sep 13, 2014
    97
    170
    1
    Location:
    Aberdeen/UK
    Vehicle:
    2017 Prius
    Model:
    Business Edition
    You need someone near the car with one receiver/transmitter, and another near the keyfob - either a static unit, or another person. e.g:

    [​IMG]
     
    RCO, SFO and dslomer64 like this.
  12. The Professor

    The Professor Senior Member

    Joined:
    Apr 5, 2018
    456
    610
    0
    Location:
    UK
    Vehicle:
    2017 Prius
    Model:
    Excel
    1) They don't need the key near the car, that's the whole point. They just trick the car into believing it's near by using a device to relay the signal a further distance... In this case increasing the distance from a couple of feet to the distance to wherever the fob is located in your house. See the diagram posted above as it helps explain it.

    2) The smart entry system relies on both the car and the fob being able to transmit and receive signals. You can disable the system for as long as you like in the settings menu in the car settings (on mine is in Setup on the media screen -> Vehicle -> Vehicle Customisation -> Door Lock Settings -> Entry and Start System), or you can disable it on the fob on a more temporary basis as I described above.
     
    Dxta and dslomer64 like this.
  13. kithmo

    kithmo Couch Potato

    Joined:
    Apr 25, 2010
    2,262
    2,544
    47
    Location:
    South Yorkshire, UK
    Vehicle:
    2016 Prius
    Good tip, thanks Prof. I now have belt and braces for my spare key, turned off and inside a signal blocking pouch. (y)(y)(y)
     
    alanclarkeau and The Professor like this.
  14. kithmo

    kithmo Couch Potato

    Joined:
    Apr 25, 2010
    2,262
    2,544
    47
    Location:
    South Yorkshire, UK
    Vehicle:
    2016 Prius
    SWMBO's 2006 Gen 2 alarm goes off quite frequently for no reason, especially when the 12v battery is low. I suspect it's one of the interior sensors and she turns off the interior sensors (button under dash) when it does it and that seems to work. Hers is not key less entry BTW.
     
    dslomer64 likes this.
  15. dslomer64

    dslomer64 Member

    Joined:
    Oct 3, 2014
    130
    82
    0
    Location:
    Cincinnati, OH
    Vehicle:
    2006 Prius
    I'm gonna do that as soon as I find both key fobs. Or even just ONE of them.

    Thanks.

    Where did you find this info?
     
  16. dslomer64

    dslomer64 Member

    Joined:
    Oct 3, 2014
    130
    82
    0
    Location:
    Cincinnati, OH
    Vehicle:
    2006 Prius
    Wow. To the picture, the method, your knowledge... Just Wow.

    Has anyone actually taken over a Prius this way? I ask partly because you say "could be done" on the picture. It certainly looks feasible.
    I assume the thieves' transmitters are simply generic so that sending and receiving are no-brainers..
    But how do they know what to send to car and to keyfob? Of course, they're hackers, so they'll find a way.
    If the transmitters are programmable, well, what hacker would not salivate over this opportunity to write code?
    They're hackers; screwing with others' stuff is their raison d'être; even trial-and-error isn't out of the question, especially with programmable transmitters.

    So I found cheap transmitter/receiver pairs. Doesn't say "programmable". Not sure that's necessary.

    I'm following The Professor's advice.
     
  17. The Professor

    The Professor Senior Member

    Joined:
    Apr 5, 2018
    456
    610
    0
    Location:
    UK
    Vehicle:
    2017 Prius
    Model:
    Excel
    Not heard of Prii specifically being stolen with this method, but all keyless entry and start systems are vulnerable.

    The hackers don't need to know what to send, all they need to do is relay the signals coming from the keyfob to the car, and vice versa.

    To be clear... The car transmits a signal to the fob whenever you put you hand behind the handle or press the start button. The fob receives that signal and if it recognises the code it transmits a door unlock code. All the hackers are doing is receiving and boosting those transmissions. They don't have to understand the transmission, break any codes, or anything else. Just repeat it.
     
    #17 The Professor, Mar 6, 2019
    Last edited: Mar 6, 2019
    dslomer64 likes this.
  18. The Professor

    The Professor Senior Member

    Joined:
    Apr 5, 2018
    456
    610
    0
    Location:
    UK
    Vehicle:
    2017 Prius
    Model:
    Excel
    The manual :D
     
  19. dslomer64

    dslomer64 Member

    Joined:
    Oct 3, 2014
    130
    82
    0
    Location:
    Cincinnati, OH
    Vehicle:
    2006 Prius
    [QUOTE="CooCooCaChoo...[/QUOTE] ...Mrs. Robinson..."

    So GooGooGaJoob was taken? Or did you like Simon and Garfunkel better than the Beatles?

    Isn't it interesting how two songs of the same era--no, same 12-month period!--would have such a similar lyric with almost the same beat, tempo, and score(?) (but not key).... Did S&G copy Fab4? Or was it Zeitgeist at work?
     
  20. dslomer64

    dslomer64 Member

    Joined:
    Oct 3, 2014
    130
    82
    0
    Location:
    Cincinnati, OH
    Vehicle:
    2006 Prius
    Great explanation. I learned a lot from this thread. Sad no programming or similar code is required. It's hardly hacking in the strictest sense. Then again, guessing (or stealing) a password and logging in to a private system to wreak havoc certainly is hacking with no code required.
     
Loading...