Study lists cars that can be stolen in seconds via keyless hack

The method has been blamed for a spike in driveway car thefts.

Security tests of popular vehicles suggests some can be stolen in just a few seconds due to a vulnerability with keyless technology that has become increasingly popular in recent years.

The What Car study used a relay hack that essentially detects the signals emitted by key fobs and amplifies the signal to trick the vehicle into believing the fob is next to the vehicle, as it would be if the owner was entering the vehicle.

The worst-performing vehicle was the DS 3 Crossback, which could be stolen in just 10 seconds. The Audi TT RS Roadster was stolen just as quickly, but only if the keyless entry system was not disabled and the motion-detecting key fob was still transmitting.

The 2018 Land Rover Discovery Sport took 30 seconds to drive away, though Jaguar Land Rover's new models integrate a new radio technology to block such attacks. Consequently, the newer Land Rover Discovery Sport was vulnerable to entry but could not be driven away.

Other models employing motion-detecting key fobs include the BMW X3, Mercedes-Benz A-Class and Ford Fiesta. In all three cases, the cars could be stolen only if the keyfob was still transmitting. Ford's key went into sleep mode when stationary for 40 seconds, while the German brands appear to be using a longer period of two minutes.

"Every single case we are aware of where a relay attack method has been used is when the key is left unattended and not in a pocket - hence our approach to the solution," BMW said in a statement.

The relay vulnerability has been extensively researched by security experts and widely covered by the media, prompting relatively quick reactions from automakers to roll out more secure technology or at least provide a setting in the vehicle to disable keyless entry. As it stands, however, vehicles built before the improvements will likely remain easy prey for thieves.

Read more!