Hyundai and Kia cars could be stolen with just a USB cable
As many as four million Hyundai vehicles without push-button start and immobilizing anti-theft devices in the US are being targeted in the latest round of automotive attacks, with TikTok getting the blame.
The so-called ‘challenge’ on social media has uncovered how criminals can remove the steering column cover of certain models, uncovering a USB port that they can use to hotwire the car.
According to Los Angeles officials, the ‘Kia Boyz’ challenge resulted in a substantial 85% increase in the theft of Hyundai and Kia models compared with the previous year (via CNBC).
Hyundai and Kia thefts
In an announcement, Hyundai said that “all Hyundai vehicles produced since November 2021 are equipped with an engine immobilizer as standard equipment”. Despite this, the list of affected models is extensive:
2017-2020 Elantra2015-2019 Sonata2020-2021 Venue2018-2022 Accent2011-2016 Elantra2021-2022 Elantra2018-2020 Elantra GT2011-2014 Genesis Coupe2018-2022 Kona2020-2021 Palisade2013-2018 Santa Fe Sport2013-2022 Santa Fe2019 Santa Fe XL2011-2014 Sonata2011-2022 Tucson2012-2017, 2019-2021 Veloster
The first three models emphasized in italics in the above list are already eligible for a software update, which must be performed at an authorized dealership and can take as long as an hour. The remaining models are expected to get a patch by June 2023.
In the meantime, Hyundai promises to be distributing free steering wheel locks to law enforcement agencies, which are to be supplied to owners and leasers of affected models. It will also install window stickers on fixed vehicles to notify criminals of their upgraded security. However, there are some models that cannot accommodate the software fix. The company says:
“For these customers, Hyundai is finalizing a program to reimburse them for their purchase of steering wheel locks. Hyundai will provide these customers with more detail in the very near future.”
Hyundai has set up a dedicated website for owners of the affected vehicles to check their vehicle identification numbers (VINs) and schedule the service.
Kia (part of the Hyundai Motor Group) is also reportedly affected by the hack and is due to issue a statement soon (via Bleeping Computer).
Protect your computer with the best antivirus software