Hackers Using Old Nokia 3310 Phone to Steal Cars


The car thieves are employing the out-of-date Nokia 3310 phone to access cars through hacking. This new approach is among the significant and distinctive incidents recorded globally regarding car theft.

An analyst at Motherboard’s Vice recently found a video in which a guy in a Toyota keeps pressing a button beside the steering wheel.

The engine won’t start, and the man is without the key. Indeed, he pulls out a surprising tool to fix the issue, and it’s none other than a legendary Nokia 3310 phone.

Innocent-Looking Car Theft Devices

The man connects his Nokia 3310 phone to the car using a black cable. He navigates through options on the tiny LCD screen that reads, “CONNECT. GET DATA.”

EHA

This video reveals a new form of car theft that is actively happening in the United States.

Vice reported that even car thieves are using small gadgets, sometimes disguised as Bluetooth speakers or phones, to access and control a car’s system.

Even without technical expertise, thieves can now steal cars in under 15 seconds using this method without requiring the car key.

The online availability of these gadgets and devices priced at a few thousand dollars has significantly lowered the entry barrier for car theft, even for expensive luxury cars.

What’s most shocking about these devices is that they are designed in such a way that it does all the work for their operators; in short, a newbie can also perform a car theft with the help of these devices. 

This clearly shows how stealthy and dangerous all these illicit gadgets or devices are. Here’s what Ken Tindell, CTO at vehicle cybersecurity firm Canis Labs stated:-

“All they have to do is take two wires from the device, detach the headlight, and stuff the wires into the right holes in the vehicle side of the connector.”

Motherboard’s discovery of numerous YouTube videos is evidence of the widespread use of the technique, as seen in the video where a Toyota started using a Nokia 3310.

Luxury brands, such as: use some devices-

  • Maserati
  • Land Cruiser
  • Lexus

Price Tags

There are several websites and Telegram channels that advertise this technology for price tags of:-

  • €2,500 to €18,000 ($2,700 to $19,600)
  • Nokia 3310 device for 3,500 to 4,000 Euro ($3,800 to $4,300)

The sellers often disguise the technology as “emergency start” devices for locksmiths, which are sometimes useless to legitimate businesses. 

Although some sites offer locksmith tools, the ones hidden inside phones or casings are solely for car theft purposes.

Websites selling the devices claim to provide updates to customers who have already made purchases. This clearly shows that the devices are continually evolving and developing their capabilities.

An engine starters seller agreed to ship a device via a DHL courier service to Motherboard, who pretended to be a potential buyer from the United States.

When the seller was asked about the functionality of the Nokia 3310 phone on cars, the seller said:-

“Yes, Nokia works with USA cars.”

Payment Medium & Solution

It has been confirmed by the seller that they accept the following mediums for payment:-

  • Western Union
  • MoneyGram
  • Bank transfers
  • Cryptocurrency

The CAN (controller area network) injection mechanism involves fake messages sent during the injection process, which appear to originate from the intelligent key receiver of the car itself.

These messages are used to trick the car into starting without a key. Currently, many vehicles are vulnerable to these attacks, making them easily accessible to thieves.

Implementing cryptographic protections in the CAN messages is the only solution to prevent these attacks on vehicles, which can be done through a software update.

Why do Organizations need Unified endpoint management – 
Download Free E-books & Whitepapers



Source link