ar thieves have come up with yet another way to steal your car, and this one is rather creative. We’ll refer to it as “headlight hacking,” but as Dr. Ken Tindell of Canis Automotive Labs describes in his extensive and technical blog post, it’s a bit more complicated than that.
The method of theft begins at your car’s headlight module, but the only reason thieves have chosen this point of entry is because it offers them the easiest way to get hooked into a vehicle’s CAN bus system. For those unfamiliar, the CAN bus system of a vehicle is the method by which the numerous ECUs throughout a modern vehicle communicate with each other. Thieves are using this central nervous system to their advantage by executing an attack referred to as “CAN injection.”
2,500-year-old last meal found inside intact tomb in Italy – It’s still popular today
Someone has developed a tool (disguised as a JBL Bluetooth speaker and sold on the dark web) that when wired into a vehicle’s control CAN bus, can impersonate the vehicle’s key fob. The vehicle used as an example is a current-generation Toyota RAV4, but it’s vital to note that this vulnerability is not specific to any particular OEM or model — this is an industry-wide problem at the moment. Thieves are pulling bumpers and trim pieces away from a vehicle, which allows them access to the CAN bus near the headlight connector. Much of a vehicle’s CAN bus systems will be found hidden deep inside a car, but since modern headlights are so smart these days, they require their own ECUs, which means they’re going to be wired into the whole car’s CAN bus system.
Read more: Autoblog