Nigeria’s Communications Commission (NCC) published a warning yesterday advising drivers in the West African country to beware of a new cybercrime method being used by hackers where car doors can be opened and vehicles can be started without keys, all done remotely while the criminals hide nearby.
According to the NCC, owners of Honda and Acura-model vehicles are the most susceptible to these kinds of new attacks.
The NCC discovered these new grand theft auto methods via investigations made by the Computer Security Incident Response Team (CSIRT), a cybersecurity body established to protect the country’s telecom sector by the NCC.
According to CSIRT’s report, released to the media by Dr Ikechukwu Adinde, Director Public Affairs at the NCC, there is an existing cyber-vulnerability with certain makes of vehicles that allows hackers to remotely unlock vehicles, start their engines wirelessly and then steal the cars. The only requirement is that the hackers be nearby the vehicles to allow the process to take place.
“CSIRT discovered that because car remotes are categorised as short-range devices that make use of radiofrequency to lock and unlock cars, there are immediate dangers in a new hacking method which sees hackers take advantage to unlock and start a compromised car,” said Adinde, quoted by Vanguard Nigeria.
According to CSIRT’s report, the cybercrime attack is what is known as a “Man-in-the-Middle” attack, or a reply attack, in which a threat actor intercepts the radio signal used by car remotes and manipulates the signal in order for the criminal to remotely unlock the car at a later time – like when the owner has lost sight of the vehicle – and gain access.
Some vehicles are more susceptible to these attacks than others, such as certain Honda or Acura models which can be started without ignition keys. These model vehicles can have their engines started wirelessly using the same reply attack method. By the time the owner returns, their car has vanished with no broken glass or alarm bells to tell the owner of what occurred.
“The attack consists of a threat actor capturing the radiofrequency…