Using a small “Game Boy” type device, thieves are able to steal Hyundai and Kia electric vehicles in just a few seconds.
Hyundai and Kia are no strangers to theft issues. In 2022 and 2023, the brands made headlines after the Kia Boys went on a rampage using low-tech methods to steal base-model cars, such as using a USB charger to spin the ignition cylinder. The attacks have become more sophisticated since then, and now thieves with deeper pockets and loftier ambitions have started targeting Hyundai electric vehicles.
Their tool? A hacking device disguised as a Nintendo Game Boy.
Flight problems at Hyundai
In 2021, a rash of Hyundai and Kia vehicle thefts occurred in Milwaukee, Wisconsin. The thefts were eventually traced to a group called the “Kia Boys” who would steal the vehicles for profit, driving them recklessly before vandalizing them or leaving them on the side of the road when they ran out of gas. Eventually, the thefts went viral on social media and resulted in some affected models becoming uninsurable.
Reports of stolen Hyundai Ioniq 5s began surfacing late last year, with owners waking up to missing vehicles or notifications on their cell phones saying their car had been unlocked and ultimately unable to be located from their Hyundai app.
Blame him Gameboy.
Technically, the device is called an emulator, but it’s a set of radio transmission hardware built into a shell by someone in Europe to resemble Nintendo’s classic handheld console. This device has been around for a few years. But based on the devices we’ve seen for sale and the vehicles that are said to be “compatible” with them, Hyundai Motor Group’s electric vehicles are now the first EVs to be targeted specifically.
The system works once the car is woken up by touching the door handle and activating a communication protocol between the car and what would be the owner’s key fob. A program is then activated on the emulator that begins to communicate with the car. The device tricks the car into thinking it is a legitimate key by using a specific algorithm that will eventually calculate the correct code, usually within a few seconds. If it takes a little longer, the thief can place the device in his pocket and wait for it to vibrate to signal that he has found the code and saved it for use.
Here is a video showing one such apparent theft:
(InsideEVs deliberately does not include any information about where or how to obtain this technology as part of this report, which exists to alert owners to its existence.)
We’ve seen more sophisticated technical attacks in the past. Relay attacks, where thieves use devices to extend the range of a key fob to trick the car into thinking the key is inches away from the vehicle rather than dozens of feet, are the most common. Even Tesla vehicles have been exposed to these types of attacks, which could be the case with the Ioniq 5. But in some cases, the owners weren’t even in the same country at the time of the theft.
This device then unlocks the vehicle and can be used as a key to start the vehicle. And once away from the crime scene, the thief can remove the car’s connectivity modules to render the GPS and in-app tracking useless.
Dealers of the device claim that the Hyundai Ioniq 5, Kia EV6 and Genesis GV60 can be stolen in seconds. Other domestic models of the Korean automaker affected include the Kia Niro, Forte and K5. There are a number of other models that are also susceptible to this type of attack, but require the generation of a unique PIN code using the vehicle’s VIN number, which is visible from the outside of the car.
In this report from Polish media outlet Polsat News, you can see such a device demonstrated by a journalist and a law enforcement officer about six minutes later:
We reached out to Hyundai to see how much the automaker was aware of this particular bypass of its theft protections. However, the automaker was unable to provide us with any information at the time of writing.
Hyundai and Kia aren’t the only ones battling it out in this arena. The same dealers offer console-style devices that can hack key combinations into modern Infiniti, Lexus, Mercedes-Benz, Mitsubishi, Nissan, Subaru and Toyota vehicles, among other brands not sold in the U.S.
It’s not unusual to disguise car hacking tools to go unnoticed. Thieves also have CAN injector hardware hidden inside fake JBL speakers used to steal cars in the same way. Some other devices are designed to look like key fobs or even Android phones.
This particular theft example illustrates something no consumer or local law enforcement agency is prepared to deal with: With enough cash and a compatible car, a thief can make off with your vehicle in seconds with just this device.
The only barrier to accessing these devices is their price. The few examples that InsideEVs was able to come across cost between $16,000 and $30,000, which, admittedly, is a fraction of the price of a new Hyundai Ioniq 5N or Kia EV6 GT. But that’s the only thing that separates a vulnerable car from a crack team that offers it to the highest bidder.
Learn more
News Source : insideevs.com
Gn tech
