Rocket City Rock Crawlers Homepage
Forum Home Forum Home > General > General 4x4 Discussion
  New Posts New Posts RSS Feed - Crooks Using CAN Injection Attacks To Steal Cars
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Crooks Using CAN Injection Attacks To Steal Cars

 Post Reply Post Reply
Author
Message Reverse Sort Order
dirtbikedad View Drop Down
RCRC Club Member
RCRC Club Member
Avatar

Joined: 07 January 2011
Location: Athens, AL
Status: Offline
Points: 87
Post Options Post Options   Thanks (0) Thanks(0)   Quote dirtbikedad Quote  Post ReplyReply Direct Link To This Post Topic: Crooks Using CAN Injection Attacks To Steal Cars
    Posted: 08 April 2023 at 8:18am
if there is a will to steal a car thieves will find a way.
dirtbikedad
Back to Top
alabamatoy View Drop Down
Admin Group
Admin Group
Avatar
I dont work here anymore...

Joined: 16 February 2004
Location: Signal Mountain
Status: Offline
Points: 9366
Post Options Post Options   Thanks (0) Thanks(0)   Quote alabamatoy Quote  Post ReplyReply Direct Link To This Post Posted: 08 April 2023 at 6:16am

"Thieves has [sic] discovered new ways to steal cars by pulling off smart devices (like smart headlights) to get at and attack via the Controller Area Network (CAN) bus," writes longtime Slashdot reader KindMind.

The Register reports: A Controller Area Network (CAN) bus is present in nearly all modern cars, and is used by microcontrollers and other devices to talk to each other within the vehicle and carry out the work they are supposed to do. In a CAN injection attack, thieves access the network, and introduce bogus messages as if it were from the car's smart key receiver. These messages effectively cause the security system to unlock the vehicle and disable the engine immobilizer, allowing it to be stolen. To gain this network access, the crooks can, for instance, break open a headlamp and use its connection to the bus to send messages. From that point, they can simply manipulate other devices to steal the vehicle.

"In most cars on the road today, these internal messages aren't protected: the receivers simply trust them," [Ken Tindell, CTO of Canis Automotive Labs] detailed in a technical write-up this week. The discovery followed an investigation by Ian Tabor, a cybersecurity researcher and automotive engineering consultant working for EDAG Engineering Group. It was driven by the theft of Tabor's RAV4. Leading up to the crime, Tabor noticed the front bumper and arch rim had been pulled off by someone, and the headlight wiring plug removed. The surrounding area was scuffed with screwdriver markings, which, together with the fact the damage was on the kerbside, seemed to rule out damage caused by a passing vehicle. More vandalism was later done to the car: gashes in the paint work, molding clips removed, and malfunctioning headlamps. A few days later, the Toyota was stolen.

Refusing to take the pilfering lying down, Tabor used his experience to try to figure out how the thieves had done the job. The MyT app from Toyota -- which among other things allows you to inspect the data logs of your vehicle -- helped out. It provided evidence that Electronic Control Units (ECUs) in the RAV4 had detected malfunctions, logged as Diagnostic Trouble Codes (DTCs), before the theft. According to Tindell, "Ian's car dropped a lot of DTCs." Various systems had seemingly failed or suffered faults, including the front cameras and the hybrid engine control system. With some further analysis it became clear the ECUs probably hadn't failed, but communication between them had been lost or disrupted. The common factor was the CAN bus.


Edited by alabamatoy - 08 April 2023 at 6:20am
"If you didnt buy your 1st gen 4Runner new, then YOU are a newbie!!"

BRC Life Member
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.01
Copyright ©2001-2018 Web Wiz Ltd.

This page was generated in 0.047 seconds.