July 11, 2012
Hackers are gone with a keyless BMW in 180 seconds
Car thieves across the Atlantic are getting away with multiple BMW models without activating the car alarms or immobilizers by hacking into them. BMW has admitted the problem and is shrugging off saying the whole industry is plagued by the same problem, but the statistics are not at all in BMW’s favor.
In this particular video, there are a few security flaws that the hackers are exploiting simultaneously: there is no sensor that is triggered when the thieves initially break the window, the internal ultrasonic sensor system has a “blind spot” just in front of the OBD port, the OBD port is constantly powered (even when the car is off), and last but not least, it does not require a password. All of this means the thieves can gain complete access to the car without even entering it.