European police have arrested 31 suspects for their alleged participation in a sophisticated plot to steal connected vehicles.
French, Spanish and Latvian police worked with Europol and European judicial cooperation agency Eurojust to search over 22 locations and seize more than €1m in criminal assets.
Car thieves targeted two unnamed French car manufacturers, using a tool marketed as an ‘automotive diagnostic solution’ to replace legitimate software loaded onto vehicles.
This enabled them to open the doors and start the ignition without needing to use the key fob, Europol explained.
Other details are scant at this stage, presumably to avoid copycat attacks. However, the authorities arrested not only some of the suspected car thieves but also the suspected developers of the malware and its resellers.
It’s unclear whether a single group developed the hacking tool and then used it themselves to steal cars or if they primarily sold it to other criminal gangs.
The investigation was kick-started by the French Gendarmerie’s Cybercrime Centre (C3N), although Europol claimed to have been supporting the case since March 2022 with “extensive analysis and the dissemination of intelligence packages” to all affected countries.
That would seem to imply that gangs across multiple jurisdictions got hold of the same tools to access and steal vehicles from the targeted manufacturers.
Europol also posted an image of a domain seizure notice stating: “This service has been seized by the Gendarmerie Nationale cyberspace command under the authority of the French Paris Prosecutor’s Office.”
This suggests that the hacking tool in question was being sold to third parties online.
Although much research has been done over recent years on the potential threat to car safety from attacks targeting keyless entry, there have been few real-life cases of note.