Keyless entry

Authorities from France, Latvia, and Spain arrested 31 suspects believed to be part of a car theft ring that targeted vehicles from two French car manufacturers.

The criminals only targeted cars that use keyless entry and start systems and stole them after exploiting their keyless technology to unlock the doors and start the engines without having to use the key fobs.

To do that, they used a fraudulent tool promoted online as an automotive diagnostic solution to replace the stolen cars’ software and bypass the vehicles’ keyless system to enter and steal them.

The cyberspace command of the French National Gendarmerie (FNG) also seized the domain for the fraudulent software used to hack the cars’ keyless tech. Still, Europol’s press release doesn’t mention the URL of the website or the domain where it was hosted.

“As a result of a coordinated action carried out on 10 October in the three countries involved, 31 suspects were arrested. A total of 22 locations were searched, and over EUR 1 098 500 in criminal assets seized,” Europol said.

“Among those arrested feature the software developers, its resellers and the car thieves who used this tool to steal vehicles.”

FNG cyberspace command seizure banner
FNG cyberspace command seizure banner (Europol)

While Europol didn’t provide any details on how the attacks managed to hack the keyless vehicles, remote keyless entry (RKE) systems are vulnerable to various there are 

The investigation was started by the French Gendarmerie’s Cybercrime Centre (C3N), with the French authorities also opening a case at Eurojust in September 2022.

The European Union judicial cooperation agency facilitated the cross-border judicial coordination between the French, Latvian, and Spanish national authorities involved in the joint operation.

Europol has also supported the investigation since March 2022 by providing intelligence and analysis support to the countries targeted by this criminal ring.

BleepingComputer reached out to Europol requesting more information but did not receive a reply before this article was published.

Source: www.bleepingcomputer.com