Crooks can clone your wireless key fob to unlock and rob your car

Do you use a wireless key fob to lock/unlock your car doors, instead of doing it manually?

If so, you should heed this warning.

Danny Terry writes on Facebook (source: Spirit Daily):

I locked my car. As I walked away I heard my car door unlock. I went back and locked my car again three times. Each time, as soon as I started to walk away, I would hear it unlock again!! Naturally alarmed, I looked around and there were two guys sitting in a car in the fire lane next to the store. They were obviously watching me intently, and there was no doubt they were somehow involved in this very weird situation. I quickly chucked the errand I was on, jumped in my car and sped away. I went straight to the police station, told them what had happened, and found out I was part of a new, and very successful, scheme being used to gain entry into cars.

Two weeks later, my friend’s son had a similar happening…. While traveling, my friend’s son stopped at a roadside rest to use the bathroom. When he came out to his car less than 4-5 minutes later, someone had gotten into his car and stolen his cell phone, laptop computer, GPS navigator, briefcase…you name it. He called the police and since there were no signs of his car being broken into, the police told him he had been a victim of the latest robbery tactic — there is a device that robbers are using now to clone your security code when you lock your doors on your car using your key-chain locking device….

When you hit the lock button on your car upon exiting, it does not send the security code, but if you walk away and use the door lock on your key chain, it sends the code through the airwaves where it can be instantly stolen.

Andy Greenberg reports for Wireless, that at a 2015 hacker conference DefCon in Las Vegas, hacker Samy Kamkar presented a gadget he’d developed called “RollJam” — a $32 radio device, smaller than a cell phone, that is designed to defeat the “rolling codes” security used in not only most modern cars and trucks’ keyless entry systems, but also in their alarm systems and in modern garage door openers. The devise enables an intruder to break into cars and garages without a trace and turn off their alarms.

Kamkar said, “Every garage that has a wireless remote, and virtually every car that has a wireless key can be broken into.

This is how RollJam works:

  • Crooks using RollJam wait for an unsuspecting victim to use his or her key fob within radio range.
  • The victim will notice only that his or her key fob doesn’t work on the first try. That’s because RollJam has jammed the key fob’s wireless signal with a pair of cheap radios that send out noise on the two common frequencies used by cars and garage door openers.
  • At the same time, RollJam is “listening” with a third radio—one that’s more finely tuned to pick up the fob’s signal—and clones or records the user’s wireless security code.
  • When that first signal is jammed and fails to unlock the door, the victim naturally tries pressing the key fob button again. On that second press, the RollJam is programmed to again jam the signal and record that second code, but also to simultaneously broadcast its first code. That replayed first code unlocks the door, and the victim immediately forgets about the first failed effort to unlock the door. Meanwhile, the RollJam has secretly stored away a second, still-usable code. Kambar explains: “You think everything worked on the second time, and you drive home. But I now have a second code, and I can use that to unlock your car.”
  • Later, the crook simply presses a small button on the device to replay the intercepted code from the victim’s fob to open that car or garage.

More insidiously still, the crook doesn’t even have to be around! All that’s needed is for the crook to attach the RollJam to the targeted car or hide it near a garage. Kamkar says: “And then I can come at night or whenever and break in.”

Kamkar says he’d successfully tested RollJam on Nissan, Cadillac, Ford, Toyota, Lotus, Volkswagen, and Chrysler vehicles, as well as Cobra and Viper alarm systems and Genie and Liftmaster garage door openers. He estimates that millions of vehicles and garage doors may be vulnerable because the problem is in the chips used by many of those companies: the Keeloq system sold by the firm Microchip and the Hisec chips sold by Texas Instruments.

Kamkar said the solution is for companies to use chips with a system of codes that expire over short time periods, like the two-factor authentication systems of Google Authenticator or RSA’s SecurID which use codes that expire in seconds. In contrast, millions of car owners still protect their vehicles with vulnerable systems whose codes never expire. Kamkar said: “My own car is fully susceptible to this attack. I don’t think that’s right when we know this is solvable.”

~Eowyn

Advertisements

38 responses to “Crooks can clone your wireless key fob to unlock and rob your car

  1. Kevin J Lankford

    So, once again modern technology proves to cost more than its worth. At least it used to take actual physical effort to break in to stuff. That was surely more of a deterrent than having to push a button.

    Liked by 5 people

  2. As technology advances by the hour it can be detrimental, I mistrust just about anything electronic and proceed cautiously, if it is not spying is stealing, when it comes to transactions, if possible, I try to use cash as much as I can.

    Liked by 4 people

  3. Alma, I agree. From now on I will lock my car door manually when I get out of the car, when in unfamiliar places. I say that because I do not wonder very far from my rural enclave.

    Liked by 3 people

  4. Ain’t technology great? I guess that’s one advantage to having a car that is 17 years old and no FOB…

    Liked by 4 people

    • Ha! I thought I was the only one with an old (and not “vintage”, just “old”) car. The miser in me just can’t stand the idea of forking over $30,000-plus (plus-plus, sometimes) for a car that’s going to depreciate 20% just by driving it off the lot, is sure to get door-dinged, possibly keyed for the joy of it, backed into, and whatever else happens to cars when the owners aren’t looking (or even when they are).

      All I require vehicle-wise is something reliable and that has a working a/c (these hot flashes will not let up!). I am what is known as “a cheap date”, and I’m proud of it!

      Liked by 5 people

      • Hey, if it runs ok why not keep it! The thought of forking over so much for a new vehicle is nauseating…

        Liked by 3 people

      • Gee, and Obongo used to pay for the old one.

        Liked by 1 person

        • What bugged me about that “cash for clunkers” program was that to qualify, you had to allow them to destroy your engine — filling it with cement — to be sure it could never be driven again. Thanks, Al Gore. Moron.

          I just kept my old Ford. Drove it 27 years from new; now it’s in the garage while I drive the replacement SUV (bought used). Figure the old Taurus will make a fine coffin some day… it served me well in life, why not after? And if need be, I can get it running – road worthy again for maybe $3,000 or less. Way less if I don’t bother fixing the A/C or heat, which were always spotty. But even then, it has no anti-lock brakes, air bags, traction/stability control, etc. And it’s gotten hard for me to bend my back to fit into it over the years.

          My SUV has electronic stuff I still don’t care for, including the fob, and I always just use the door lock knobs when I leave it. However, I do use the fob to locate the darned thing when I return to open it, and maybe that also puts me at risk?

          Liked by 1 person

          • I think cash for clunkers was a program designed to decrease the market for older cars and force people to buy “newer” cars with all of that “awesome” technology that allows for govt spying.

            Liked by 2 people

            • From what I understand, the clunkers program was their way of getting older vehicles off of the road, to decrease the supply of cars that can’t be as easily “controlled” or reused for parts. The NWO Zionists want self driving cars with no steering wheels, no brake pedals and no way to control them if you’re inside. The older cars are great, you don’t have to worry about some stupid automatic camera coming on and blinding you if the sun’s hitting the wrong spot, or having some of this automatic crap decide to break or go on the fritz. Plus they’re making cars more chintzy every day, and so many places are making stuff in China (which then goes bad after a year or so, if it was even GOOD in the first place). My DH said that he never had alternators go bad until recently, and he’s had oodles of vehicles. Brakes are also no good, they start going bad within a year sometimes. It’s the China syndrome.

              Liked by 1 person

    • 1996 and still running!

      Liked by 3 people

  5. This is truly a problem, while it isn’t surprising. I’m more concerned that people are able to hack the car’s computer system. Most functions, including throttle and brakes are computer controlled or assisted these days.

    We have had a series of “accidents” that are EXTREMELY suspicious. It isn’t hard for someone with the tools and know how to hack a car’s computer and cause brakes to apply independently, the throttle to advance, etc..

    Just like the “Smart” appliances, there is a dirty agenda in the background.

    Liked by 5 people

    • Seems to be an endless cycle-someone designs and builds something to make a task easier,then some crook designs a way to use it to enable theft or other harm or damage,,then someone designs a way to protect it,and a crook finds a way to get around the “fix”,so they fix THAT,and a crook creates a way to beat the fix……As long as there’s a way to do something GOOD,a crook will find a way to use it to their advantage,and WE pay their way with our OWN goods,vehicles and security.It all circles around to one of the hardest sins to be rid of-GREED.Even if Americans ALL had everything aplenty,Greed would make SOME desire to have MORE than all they need,and the easy way to have it all is to steal it from others.Sad thing…..

      Liked by 3 people

    • “Just like the ‘Smart’ appliances, there is a dirty agenda in the background.”

      Exactly! So save your clunker-refrigerators & your clunker-washing-machines, etc.! I tell everyone who will listen to start buying up any/all “normal” appliances you can find at garage sales or on the cheap in the classifieds because TPTB want the “Internet of Things” & “Smart Homes” BAD & when it kicks off big time, there will be no regular-normal appliances left, including regular simple electric can openers, coffeemakers, etc. that do NOT have antennas in them. If you’ve got room in a garage to store a few of those things, it may pay off in the not so distant future.

      ~~~

      Not to get too far off topic, but this is the latest major creepy creeping-technocracy. Of course I knew it was coming (The Economist “foretold” it in early 2015), but here’s a recent photo of what the 5G “SMALL (whatajoke!) CELLS” may look like when they put one in front of your house (they want the entire country saturated with 5G by 2020 & homeowners have NO SAY SO as to where Telcoms can put these, thanks to the pre-Trump Feds. But since Trump loves technology, I doubt he would change anything unless the Deplorables raise Hades).

      This is Verizon’s version of a “small cell” as documented in Santa Rosa, Calif., news on 1/12/18:

      The article has five photos total of that deadly-looking mess on the pole + the big white box on the ground that goes with it:
      pressdemocrat dot com/news/7864085-181/new-verizon-antennas-generate-unwelcome

      Liked by 1 person

  6. Well! Just call me an old fuddy-duddy . . . frankly I did not like the fact that when I bough the Toyota RAV4–there was NO KEY! Frankly, I am not particularly a proponent on all the electronic gadgets. I too, am susceptible to this very kind of theft. I am left heartsick, now I will have to learn to manually lock the doors before getting out of the car. It was quite hard to relearn not to use a key to start the car.

    God Bless you Dr Eowyn for sharing this most important information with us. This is pertinent to so many of us, and I rather doubt that any of the FOTM family needs to be the victim of theft.

    Liked by 4 people

  7. I don’t fully understand how the RollJam supposedly works. The Lock signal and the Unlock signal are different. If you push the lock button two or three or more times the doors try to “lock” with each subsequent try – not unlock. So if the RollJam records two lock signals and plays the first one to then lock the car, when it later plays the second signal it should again “lock” the doors rather than unlock them. There are probably ways around that but it wouldn’t be simply replaying a recorded signal. If the RollJam records two unlock signals and then plays the first to unlock the car, unless the driver then relocks the car and leaves, the person operating the RollJam would have to follow the car to where it is next parked and locked in order to be able to use the recorded unlock signal. But if another signal is sent before the recorded signal is sent, the recorded signal would not register because it would then be an “old signal.” Did I miss something?
    In theory, if a person knows the algorithm used by a particular key fob to generate the signals, and that person can intercept several successive signals, and then can successfully decode the signals, they then can determine where in the rolling sequence the key fob is operating and can generate the appropriate signal to lock, unlock, open the trunk or sound the emergency horn, as desired. Provided more signals haven’t been generated in the interim. However, this is much, much easier said than done.

    Liked by 1 person

  8. For car owners who want to protect themselves against keyless-entry hacks, though, experts say there are precautions you can take.

    Stefan Savage, a University of California, San Diego computer science and engineering professor and a staffer at the Center for Automotive Embedded Systems Security, says that keeping your keys in a metal box, or carrying them in a wallet or purse designed to thwart hacks of passports with radio-frequency ID chips, could do the trick. Some key-holder products that claim to act as effective Faraday cages are the Fob Guard pouch and cases or wallets by Silent Pocket.

    Source –

    https://www.edmunds.com/car-news/technology/how-to-protect-your-car-from-keyless-entry-hacking.html

    Liked by 2 people

    • I just encased my car in aluminum foil. I had plenty left after I made my cap.

      Liked by 3 people

      • Haha. Cars actually can be professionally “shielded” but I’m not up on that subject. Recently I read that former Silicon Valley zillionaire Peter Sullivan (who had made his fortune on gadgets but later became sensitive to the EMRs & became an activist against same) had to have his Tesla electric car shielded because it made him feel sick.

        He was the 2nd big techie guy who I read was made ill by Tesla cars. The 2nd guy had tweeted that some of his friends also got sick in his Tesla car, so he got rid of it. I’m not sure if it was the magnetic fields from the electric motor, or if the Tesla’s had microwave radiation/wifi going the entire time, which made the people sick when riding in them.

        (As an aside, that 2nd guy is the CEO of a company. GEO LINKS, that plans to SATURATE rural areas with what he calls “Fixed Wireless” Internet which he says is safer than “normal” Wireless. You’d think his getting severe headaches from his Tesla would force him to choose a different line of work. I don’t trust Wireless, fixed or not, & this article is another good reason to be anti-wireless-anything!)

        If anyone is stuck having to get a newer model car, this lady tested 30-40 cars with her EMR testing gadget (magnetic fields) & found that Ford & Chevy trucks emitted the least: http://es-forum.com/Lowest-emf-vehicle-found-after-testing-between-30-40-vehicles-td4030733.html

        Liked by 1 person

        • Also, a MUST WATCH 9-min. video from Germany posted 10/31/2017, re Electrosmog in a Modern Car (tip: set the Subtitles option to auto-translate to English & set the speed to 0.75 as boy do they talk fast in Germany! & it will give you more time to read the Subtitles/translation).

          The video is re several doctors & researchers who take EEG readings on one MD’s BRAIN while he is in a new car with WIFI, Bluetooth, WLAN, cellphone, + the magnetic fields from the engine, etc. WHOA! They superimpose his brain’s image so you can see it light up in RED (& later even worse, a big chunk of his brain turns DEEP RED) as he turns on all those wireless things & as he drives in the car, etc.

          They also have in the car & show the actual EEG graph with all the lines going crazy zig-zag!

          The lady neuro monitoring the EEG said the car was affecting the part of the brain having to do with concentration! (And I thought people drove like maniacs 30 years ago on I-4!)

          Before the 9-min. mark, for just a short span, they show a mechanic under a car talking about how they do the SHIELDING to limit the magnetic fields.

          Near the end of the video one of the researchers says the 2000 reading was a concern because the (whatever health agency) says that only 400 nanotesla’s is carcinogenic!

          Spread the word: New cars can interfere with your concentration & contribute to cancer!

          Liked by 1 person

    • This is pretty sad that we even have to worry about this at all! I mean how lazy can you get. I especially find the automatic window roller downers particularly odious.
      Years ago my DH was at a gas station, and a big Cadillac pulled up. The driver and his wife were STUCK IN THE CAR. The doors would not open for some reason. And I think this was like 10 years ago. Think of what would happen if they were in an emergency. They’d have to break a window, then what if they were disabled physically.
      Don’t forget about those ignition kill switches that people had on their cars and when they got behind in their car payments the bank (?) or whoever would switch off the ignition. Some lady said it happened to her when she was driving.

      Liked by 1 person

      • In my prior most beloved car (a 1984 Toyota), I did love those automatic door locks (push a button & all four doors locked at the same time). That one did not have automatic windows, though.

        But a 2nd later used-even-older-but-fancier Toyota had both, auto windows & door-locks. That car lasted 22 years total (including prior owner) but before I got rid of it, the four electric windows did get STUCK in the Up position (better than Down, I guess), but since the A/C was long gone/broken, it was impossible to drive in it in the daytime FLA heat unless you wanted your face to turn beet red & feel like your head would explode.

        If they had stopped at that point with all the fancy stuff (auto door-locks & electric windows only), that would have been good enough! Or maybe just auto-door-locks & forget the electric-windows!)

        Liked by 2 people

  9. Not surprising…..
    the crooks must be pretty dumb to unlock the car door while the owner is still in the around

    Liked by 1 person

  10. Pingback: Crooks can clone your wireless key fob to unlock and rob your car | The Olive Branch Report

  11. Reblogged this on kommonsentsjane and commented:

    Reblogged on kommonsentsjane/blogkommonsents.

    Important read.

    An ‘ounce of prevention is worth a pound of cure’ is the saying. It means that it normally takes less (an ounce) in time, resources to stop a problem from occurring than it does (a pound) to fix the problem after it has already occurred.

    kommonsentsjane

    Liked by 1 person

  12. manual sounds like the best way to go…

    Liked by 2 people

  13. there was actually a conference for hackers?
    sounds like a prime opportunity for the fbi to be lying in wait…

    Liked by 1 person

  14. i used my feet,i trust them better than any ,,modern device,,..ty not for me,nope! all the modern tech today is pure evil ,n i add bs too…stay safe be safe!

    Liked by 1 person

  15. Reblogged this on On the Patio and commented:

    Beware of the “RollJam”! The latest technology that allows thieves to clone any, and I mean ANY, remote signal. Be it a car lock, garage door opener or home security system by your simple click to activate. If it sees it it can then repeat it. Voila! You are in! It’s that simple. No signs of tampering because there is none!
    READ AND HEED!

    Liked by 2 people

  16. Re: the subject at hand, those FOB things, thanks for the warning. My elderly (but remarkably healthy) mother has had + currently has an even newer car with those FOBs, so this is very concerning, especially the fact they could also open garage doors that way. You could always keep your car emptied of anything important, just in case anyone anti-Fobbed your car, but the garage is an entry to the house! Plus, my father has to go with her everywhere in the car because he has dementia, & I already know all that fancy wireless crap in new cars makes his brain worse (see above German modern-car-video) but NOBODY & I mean NOBODY believes what I say (& they don’t want to read to learn. Like former-President Nixon said, If Americans don’t see something on TV, they won’t believe it). It’s the most frustrating thing you can imagine. Sigh & groan!

    ~~~

    The closest I ever came to having a FOB-like device was a cheapo Walmart no-wires Door Bell circa 1995.
    It would constantly DingDing even when nobody was at the door. My father had said it probably kept going off because someone nearby must have had the same Door Bell or the same code to whatever gadget they had. That was creepy enough. But when you have gotten up enough times to answer the door & nobody is there, that’s when that Door Bell finally went into File 13 & to the dumpster. From now on, just Knock the good & sufficient old-fashioned way. 🙂

    Liked by 1 person

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s