PETALING JAYA • Owners of cars using the keyless entry system are at risk of having their vehicles stolen in minutes by a frequency-hacking device that is easily available.
The device, which costs about RM150 (S$50) and can be obtained online or at some electronics stores, can unlock a car and start its engine by hacking its radio frequency identification (RFID) information.
A source said the device can open almost every car that has a keyless entry system.
The thieves recruit hackers to install the required software on their laptops and teach them how to operate the device, said the source.
There are three ways to steal the encryption code to unlock the cars, according to the source.
"The device is attached to a computer which has simple frequency-monitoring software that can be downloaded for free from the Internet. The software reads the frequency transmitted between the remote key and car system.
"It can capture the frequency code used to lock the car. At the same time, it decrypts the rolling codes transmitted back by the car to the remote key to unlock the vehicle," the source explained.
The second method is to "attack" the car's system. The hacking device broadcasts a signal mimicking the remote, tricking the car into responding with a rolling code. The device captures the code and decrypts it to unlock the vehicle.
The source said the process could just take a few minutes, depending on the hackers' code database.
"Thieves have also been known to steal the code from the remote key by broadcasting a radio signal to it.
"This emulates the car communicating with the key, which will automatically send a response.
"The car thieves will then capture and decrypt the frequency transmitted from the key and pair it with the car's locking system to unlock the vehicle."
The source said many keyless entry systems included a remote keyless ignition system. So when thieves unlock the vehicle, they can also start the car.
Remote keyless ignition uses a push button to start the car, not a physical key.
Munich-based Allgemeiner Deutscher Automobil-Club (Adac), the largest auto club in Europe, recently said 110 models from 27 different manufacturers were at risk of being stolen based on the keyless system they used.
In a test conducted by the club, which has 19 million members, the cars were easily "stolen" using a frequency-hacking device.
An Adac report said they were not only able to unlock the vehicles but also start them with no problem.
"To date, car manufacturers have yet to find a foolproof solution to beat these car thieves," the Adac findings concluded.
A spokesman for the Malaysian police said they were aware of this high-tech method.
"Car owners should take extra precautions like installing GPS tracking devices or use steering or gear locks to deter thieves," he said, adding that nothing beats a good physical lock, which made it much harder for thieves.
Statistics on such thefts are not available in Malaysia.
British automotive services company RAC said the number of vehicle thefts reported to 40 police stations in England and Wales rose from 65,783 in 2013 to 85,688 in 2016. The rise was attributed to thieves hacking the car's system.
Automotive industry insiders say the old way of securing cars - using manual keys and locks - is more effective in preventing vehicle theft.
A spokesman for a carmaker said the longer time taken to steal vehicles with old-fashioned locks discouraged thieves.
Car owners are also encouraged to use anti-theft devices such as steering locks, immobilisers, motion sensors and top-grade alarms.
A man who gave his name only as Lee said he suspected thieves used the hacking method to steal his car.
"Five other friends lost their vehicles within two months of my car being stolen," he said, adding that his car used push-button ignition.
He said the thieves also deactivated the alarm when they unlocked his luxury car.
THE STAR/ASIA NEWS NETWORK