GET THE FREE NATIONAL CYBER SECURITY APP FOR YOUR PHONE AND TABLET
Houston police arrested two men last Thursday for stealing a Jeep Grand Cherokee with the help of a laptop in Houston, Texas. Both are also suspected of participating in a major grand theft auto scheme in which unknown criminals stole more than 100 cars using similar hacking techniques.
Police investigators have been tracking the thefts for several months, and they believe the two men are part of a bigger criminal group. While they steal the cars, the rest of the members would drive the vehicles from Houston across the Mexican border.
The case involves a Chrysler vehicle, and the company has been dealing with a hacking problem since 2015. At the Black Hat Conference 2015, Charlie Miller and Chris Valasek hacked a Chrysler car remotely using an exploit in the Uconnect software. As a result, the company issued a fix to all its customers, but that only solved things partially.
The duo of hackers repeated the feat at the same convention this year, but it was a little different. Miller and Valasek managed to take over a Grand Jeep Cherokee’s controls with a laptop connected to the dashboard.
The criminals hacked the Jeep Grand Cherokee with a laptop
Michael Arce, 24, and Jesse Zelaya, 22, were arrested while trying to take a Jeep Grand Cherokee and reach Mexico with the vehicle to sell it on the black market. Police believe one of them had disabled the SUV’s alarm system before the other hacked the jeep with his laptop.
Both men are currently held at Harris County Jail and were charged with unauthorized use of a vehicle, while Arce was also accused of felony possession of a weapon and possession with intent to deliver a controlled substance.
The U.S. Department of Homeland Security and Customs and Immigration Enforcement helped the local police department to identify the two suspects. Law enforcers caught the duo red-handed after leads on the case guided them to a zone where they usually operated.
The investigation began in June when a victim showed police officers a surveillance video of someone getting inside his Jeep Wrangler and using a laptop to get away with it.
“THEY MAY NOT BE THE ONLY ONES DOING THIS, BUT RIGHT NOW, WE FEEL WITH THOSE ARRESTS, WE SHOULD BE ABLE TO CURB THE AMOUNT OF THEFTS THAT HAVE BEEN OCCURRING,” Houston police officer Jim Woods said.
The two men could be part of the biggest car heist in the history of Texas
Many of the stolen cars and trucks were new Jeep and Dodge models, highly valuable in other countries. Engineers, dealers and now thieves as well use an exploit on the software found on these vehicle’s dashboard computer. The criminals employ portable computers to compromise the keycode of the electronic security system equipped in the vehicles allowing them to drive away in just a few minutes.
As to why or how they got access to the database of codes used by auto dealers to replace key fobs, it’s still unclear. Accordingly, Fiat Chrysler is working with the police in the investigation.
Berj Alexanian, a spokesman for the car company, said that while the national database includes vehicles from all over the United States, there hasn’t been, to his knowledge, similar cases outside Houston.
According to its vice president Roger Morris, the National Insurance Crime Bureau (NICB) has been investigating claims related to the possibility of remotely steal cars with electronic devices.
Computer security expert Yoni Heilbronn said he believes these type of thefts are going to increase in numbers as vehicles are becoming more and more computerized, with car companies, including Fiat Chrysler, even hiring hackers to find vulnerabilities in car software.