
Hackers steal BMWs in 3 minutes using security loophole


There has been an unusual spike in the number of BMWs stolen in the UK this year, with some sources suggesting the number may be 300 cars or higher. The cars are being stolen without activating car alarms or immobilizers.

The suspected method involves the use of devices that plug into the car's OBD port and can program blank key fobs, leaving owners with keys to missing cars.

The essential theft process varies in detail, but all reports seem to have a fundamental methodology in common. First, the car is entered, either via nearby RF jammers that block the fob lock signal from reaching the car (preventing owners from securing their vehicles) or, more crudely, by breaking a window, as seen in the video in this post of the 1 Series being stolen. In cases of the window break, the thieves seem to be exploiting a gap in the car's internal ultrasonic sensor system to avoid tripping the alarm.

Once some sort of access to the vehicle is gained, the thieves connect a device to the car's OBD-II connector which gives them access to the car's unique key fob digital ID, allowing them to program a blank key fob to work with the car right then and there.

All cars sold in Europe must permit open and unsecured access to OBD codes, so non-franchised mechanics and garages may read the codes. BMW is not the only car company to allow key code access through the OBD port, but the recent rash of BMW thefts, compared to other makes, suggests another factor may be at play, possibly a good supply of blank BMW key fobs.

Used key fobs are available, and can usually be reprogrammed for another car of the same model, and new blank fobs are available as well.

BMW sites and forums have been understandably alarmed about the issue, which is affecting all BMW series models, from the 1 to the X6.

When contacted by Jalopnik, BMW's UK media relations manager, Gavin Ward, shared this statement:

The battle against increasingly sophisticated thieves is a constant challenge for all car makers. Desirable, premium-branded cars, like BMW and its competitors, have always been targeted. BMW has been at the forefront of vehicle security for many years and is constantly pushing the boundaries of the latest defence systems. We work closely with the authorities and with other manufacturers to achieve this. We are aware of recent claims that criminal gangs are targeting premium vehicles from a variety of manufacturers. This is an area under investigation. We have a constant dialogue with police forces to understand any patterns which may emerge. This data is used to enhance our defence systems accordingly. Currently BMW Group products meet or exceed all global legislative criteria concerning vehicle security.

They're correct that the overall problem is industry-wide, but clearly, something is up with BMWs in particular, which are being stolen in far greater quantities than would normally occur. There appears to be a security hole that is being exploited. 

For recent-model BMW owners, options at this point are pretty limited. The only sure-fire way to protect your car would be to disable or provide extra physical security for the OBD-II port itself. Neither is a great solution.

If manufacturers are going to provide electronic key fobs, the information needed to duplicate the key needs to be secured better. Or at all. The information needs to be available to the owner without a trip to a dealer, and perhaps should incorporate some manner of PIN or password to maintain security.

We'll keep monitoring the situation. Perhaps the world's slithering lowlifes will decide to stop stealing cars; until that happens, the ball is in BMW's court.

(Thanks to everyone for the tip! Sources: PistonHeads, 1Addicts, Express & Star)
