Car theft is evolving. Gone are the days of smashed windows and hotwiring. Today, sophisticated thieves are leveraging technology, and one method gaining notoriety involves the use of diagnostics boxes connected to your car’s OBD port. Having your car stolen is a deeply unsettling experience, and understanding how it happens is the first step in prevention. This article delves into the mechanics of OBD car theft, exploring how to unlock car doors with a diagnostics box and what you can do to protect your vehicle.
What is an OBD Port and How Thieves Use It?
The On-Board Diagnostics (OBD) port is a standard feature in modern vehicles. Originally designed for mechanics to diagnose car problems and monitor performance, it’s typically located under the dashboard, near the steering wheel. This port provides access to your car’s computer system, offering a wealth of information and control. Mechanics use diagnostic tools plugged into this port to read error codes, reset warning lights, and even reprogram certain vehicle functions for legitimate repair and maintenance.
However, this very access point, intended for vehicle health, has become a vulnerability. Criminals are exploiting the OBD port using readily available “diagnostics boxes” or programming tools. These devices, often disguised as legitimate diagnostic equipment, can be used for illicit purposes, including unlocking car doors and even starting the engine without the original key.
Adam Pilton, a former police officer and now a cybersecurity consultant at CyberSmart, explains how this works in practice: “Criminals are using OBD programming tools. It’s a little port normally underneath the steering wheel, just to the right. Garage mechanics use it for diagnostics and resetting warning lights, for example.” In the context of theft, these tools are far more sinister.
Relay Attacks and OBD Access: The Combined Threat
While the term “diagnostics box” might suggest a direct method of unlocking car doors, it’s often part of a more sophisticated attack chain, frequently combined with relay attacks. Relay attacks are used to bypass keyless entry systems, tricking the car into thinking the legitimate key is nearby.
As cybersecurity expert Chris Pritchard from Lares describes, relay attacks involve “a tool and aerial to relay the signal broadcast between your contactless key and the car. The car is tricked into thinking the key is close and unlocks the door.” This gets the thief into the car without forced entry.
This image illustrates the communication between the key fob, car, and driver in normal keyless entry operation.
Once inside, the OBD port becomes crucial. While a relay attack can unlock the doors and even start the engine initially, it often relies on the proximity of the relayed key signal. To permanently steal the vehicle and drive it away without the original key, thieves use OBD programming tools.
Ivan Reedman, director of secure engineering at IOActive, clarifies the OBD’s role: “Access via relay attack can only take the criminals so far (as far as they drive it until the engine stops). At that point, they need access to the on-board diagnostics (OBD). ‘Access to the OBD will trigger the car into starting by using other devices,’ explains Rogers. ‘Once the car is fooled into thinking the driver has legitimate access, there’s no reason to prevent driving.'”
Essentially, by connecting a diagnostics box to the OBD port, thieves can:
- Program a new key: Overwriting or adding a new key fob to the car’s system, effectively cloning a key.
- Disable the immobilizer: Bypassing the car’s anti-theft system that prevents the engine from starting without the correct key signal.
This combination of relay attacks for initial access and OBD exploitation for long-term control is a potent and increasingly common car theft method.
Tools and Techniques for OBD Unlocking: Readily Available and Easy to Use?
The disturbing reality is that the tools needed to exploit OBD vulnerabilities are not highly specialized or difficult to obtain. As David Rogers, CEO of Copper Horse, points out, “Car theft equipment is astonishingly easy to get hold of. The majority of car thieves have no technical knowledge; they push a button on a box or wave an antenna, and the car unlocks.”
These “diagnostics boxes” are often marketed online as legitimate automotive tools for mechanics and enthusiasts. However, in the wrong hands, they become powerful instruments for theft. Online marketplaces and even underground forums can be sources for these devices, making them accessible to criminals with minimal technical expertise.
Ivan Reedman emphasizes the simplicity: “It requires no skill. I suspect they do little more than watch videos online and buy the [relay] equipment. It’s trivial.” This ease of access and use is partly why car theft rates are rising, and why even younger individuals are reportedly becoming involved.
Is it Really “Hacking” When Using a Diagnostics Box?
The term “car hacking” is often used loosely, and in the context of OBD theft, it’s worth considering if it accurately describes the crime. Ivan Reedman offers a nuanced perspective: “If we look at a typical definition of hacking as ‘the gaining of unauthorised access to data in a system or computer,’ this would not be classified as a hack. The criminals gained unauthorised access to the car, yes, but not to any data, so I would argue this is a theft vs. a hack.”
However, Graham Cluley, host of the Smashing Security podcast, offers a broader view: “In its broadest sense, hacking is gaining unauthorised access to something, and the scumbags who stole your car did just that, by exploiting a flaw in its entry system.”
Regardless of the semantics, the use of diagnostics boxes to unlock car doors and steal vehicles undeniably involves exploiting technological vulnerabilities in modern car systems. Whether you call it “hacking” or “tech-enabled theft,” the impact on car owners is the same.
Preventing OBD Car Theft: Security Measures You Can Take
While car manufacturers bear a responsibility to enhance vehicle security, car owners can take proactive steps to mitigate the risk of OBD theft. Here are some practical measures:
-
Faraday Box or Pouch: As recommended by multiple experts, using a Faraday box or pouch to store your keys blocks radio signals, preventing relay attacks. This disrupts the initial access method often used in conjunction with OBD exploitation. Ensure both your primary and spare keys are protected.
-
OBD Port Lock: Consider installing an OBD port lock. These physical locks prevent unauthorized access to the OBD port, making it significantly harder for thieves to connect their diagnostics boxes and reprogram the vehicle. David Rogers suggests this as a valuable deterrent: “You can get these online; it makes it inconvenient for an attacker to plug into the diagnostic port once in your vehicle.”
-
Disable Keyless Entry (if possible): Some vehicles offer the option to disable keyless entry/go functionality. While less convenient, this eliminates the relay attack vulnerability, forcing thieves to resort to more traditional, and often riskier, methods of entry.
-
Steering Wheel Lock: A traditional mechanical steering wheel lock remains a visible and effective deterrent. While it won’t prevent OBD exploitation directly, it adds another layer of security and makes the car a less attractive target.
-
Car Alarm and Tracking Systems: Ensure your car alarm is active and consider installing a GPS tracking system. While these might not prevent theft, they can aid in recovery and potentially deter criminals.
-
Parking Strategically: Park in well-lit and secure areas whenever possible. Avoid leaving your car in isolated or vulnerable locations for extended periods.
-
Awareness and Vigilance: Stay informed about car theft methods and vulnerabilities. Be aware of your surroundings and report any suspicious activity to the authorities.
Manufacturer Responsibility and Future Security
Ultimately, car manufacturers have a critical role to play in addressing OBD vulnerabilities and enhancing overall vehicle security. Chris Pritchard argues that “Car manufacturers continue to push ease-of-use functionality over security.” This focus on convenience often comes at the expense of robust security measures.
This image represents older car models which often lack advanced security features found in newer vehicles.
While some manufacturers like Mercedes-Benz have introduced motion sensors in key fobs to mitigate relay attacks in newer models, more comprehensive solutions are needed across the industry. These could include:
- Enhanced OBD Port Security: Implementing stronger authentication and authorization protocols for OBD access, making it harder for unauthorized devices to connect and reprogram vehicle systems.
- Improved Immobilizer Systems: Developing more robust immobilizer systems that are less susceptible to OBD bypass techniques.
- Over-the-Air (OTA) Security Updates: Providing regular software updates to address newly discovered vulnerabilities and enhance security features, similar to how smartphone and computer security is maintained.
- Transparency and Education: Car manufacturers should be more transparent about security risks and educate car owners about available security features and preventative measures.
Conclusion: Taking Back Control of Your Car Security
Understanding how to unlock car doors with a diagnostics box is crucial in today’s landscape of evolving car theft methods. While the convenience of keyless entry and advanced vehicle technology is appealing, it’s essential to be aware of the associated security risks.
By taking proactive security measures like using Faraday boxes, considering OBD port locks, and staying informed, car owners can significantly reduce their vulnerability to OBD theft and relay attacks. Simultaneously, continued pressure on car manufacturers to prioritize security and implement robust solutions is vital in the ongoing fight against tech-enabled car theft. Knowledge is power, and by understanding these methods, you can take back control of your car’s security and protect yourself from becoming a victim of modern car thieves.
