Carjacking device unmasked as Relay Attack

Thieves have been using the gadget since 2013

Insurance News

By Will Koblensky

It can unlock car doors and start engines at the click of a button - and the device identified by the National Insurance Crime Bureau (NCIB) as a vehicle network testing tool is being used to steal cars.

Carjackers were caught on camera in 2013 using the tool but police were mystified about what it was until now.

Called the Relay Attack, the electronic pocket-sized mechanism helps carmakers test the security of vehicles and was previously dubbed a ‘mystery device’.

In addition to the cars themselves, valuables like a $15,000 custom bike have been stolen from the back of cars by thieves using the Relay Attack.

The NCIB obtained a Relay Attack unit from an unidentified company allegedly from Europe prior to announcing the unmasking of the ‘mystery device’.

The NCIB describes the Relay Attack as a “low-power threat evaluation unit aimed at testing cars vulnerability to thieves.”

“This particular device only works on vehicles that have a keyless, fob remote and a push button start,” Roger Morris, Chief Communications Officer of the NCIB said. “We found it generally takes two people working together to use it.”

When a driver exits their vehicle and locks it with a fob, the thief uses the Relay Attack within a few feet to capture the code being transferred from the driver’s fob to the vehicle.

The code is relayed to a secondary box that’s placed beside the handle, tricking the car’s network into thinking it’s receiving the fob signal allowing it to unlock.

The NCIB tested 35 different cars, minivans, SUVs and pick-up trucks and were able to open 19 of those vehicles with the Relay Attack.

It started the engines of 18 of those vehicles, after opening them.

 

Related stories:
Insurance start-up Clover aims to "reinvent" health care
Woman to stay on death row for insurance killing

 

Keep up with the latest news and events

Join our mailing list, it’s free!