Protecting Your Hyundai or KIA from the “Kia Challenge” Hack
Reading Time: 3 Minutes
Automakers Hyundai and KIA roll out emergency software update to combat car theft
Car theft has long been a concern for automobile owners, but the issue has taken on a new dimension in the age of social media. Recently, Hyundai and KIA have been forced to respond to a major problem with car theft that has been promoted heavily on TikTok and other social media channels. Videos showing how to remove the steering column cover to reveal a USB-A slot that can be used to hotwire the car have gone viral, leading to a significant increase in thefts targeting vehicles without push-button ignitions and immobilizing anti-theft devices in the United States.
The impact of this so-called “Kia Challenge” has been so significant that the two brands had a steep 85% increase in thefts in 2022 compared to the previous year in Los Angeles, while Chicago reported a nine-fold rise for the same.
See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses
The flaw in the “turn-key-to-start” system and its impact on theft
In response, Hyundai and KIA are rolling out a free anti-theft software upgrade that aims to prevent the vehicles from starting during this type of theft. The upgrade will modify the “turn-key-to-start” logic to kill the ignition when the car owner locks the doors using the genuine key fob.
After the upgrade, the ignition will only activate if the key fob is used to unlock the vehicle. The upgrade will be provided free of charge for all impacted vehicles, with the rollout starting yesterday to more than 1 million 2017-2020 Elantra, 2015-2019 Sonata, and 2020-2021 Venue cars. A second rollout phase will be completed until June 2023, including many more models.
The United States Department of Transportation (NHTSA) published a post yesterday explaining that the security flaw impacts approximately 3.8 million Hyundai vehicles and 4.5 million KIA cars, with these hacks resulting in at least 14 confirmed car crashes and eight fatalities.
Since November 2022, the two car brands have been working with law enforcement agencies across the United States to provide tens of thousands of steering wheel locks, but a software update will now better solve the security problem.
Trending: Major Cyber Attacks of 2022
Trending: Recon Tool: SauronEye
Software upgrade will be provided free of charge for all impacted vehicles
Hyundai has taken a proactive approach to the issue, working with law enforcement agencies and now providing a solution that is free and easy to install. The free upgrade will be installed on Hyundai’s official dealers and service network in the U.S. and will take less than an hour. Eligible car owners will be notified by the carmaker individually.
Additionally, Hyundai will supply its customers with a window sticker that makes it clear to aspiring thieves that the car’s software has been upgraded to neutralize the social-media-promoted hack, discouraging any attempts. For models with no engine immobilizers that cannot receive the fixing software upgrade, Hyundai will cover the cost of steering wheel locks for their owners.
KIA has also promised to start the rollout of its software upgrade soon but has not released any announcements with specific dates or details yet. As car theft continues to be a major issue, this upgrade provides much-needed protection for millions of car owners across the United States.
Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?
If you want to express your idea in an article contact us here for a quote: [email protected]
Source: bleepingcomputer.com
Recent News
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.
