Hack in a box: Two thieves steal more than 30 cars using a laptop

The pair was finally caught after surveillance footage gave police enough information to work with.

Andrew Krok Reviews Editor / Cars
Cars are Andrew's jam, as is strawberry. After spending years as a regular ol' car fanatic, he started working his way through the echelons of the automotive industry, starting out as social-media director of a small European-focused garage outside of Chicago. From there, he moved to the editorial side, penning several written features in Total 911 Magazine before becoming a full-time auto writer, first for a local Chicago outlet and then for CNET Cars.
Andrew Krok
2 min read
FPI studios

Back in the day, if you wanted to steal some cars, you may have only needed a coat hanger, a screwdriver and a rudimentary understanding of wiring. These days, it's significantly more complicated, but that's not about to stop criminals. It certainly didn't stop two men, who allegedly stole more than 30 Jeep and Dodge vehicles using a laptop.

Houston police told local affiliate ABC13 that it finally caught the duo after surveillance footage led the police right to 'em. The fuzz tracked the scofflaws until they were eventually caught in the middle of yet another heist. All in, police estimate the two have stolen dozens of cars, and could be part of a larger ring.

Now that they've been caught, police are trying to figure out how it was done. They know a laptop is involved. A Fiat Chrysler spokesman told ABC13 that it could involve a specific database that lists codes that pair key fobs to vehicles. The thieves could have gained access to the database and created working key fobs on the spot after taking note of a vehicle identification number (VIN), which is visible in several places, including through the windshield.

Once a fob and vehicle are paired, the car wouldn't know the fob was illegitimate. Everything would appear kosher to the computer, and off you go. FCA has launched its own internal investigation into the matter, as it's possible that an employee sold access to that database for personal profit. But again, there's still uncertainty as to how these vehicles were actually stolen.

"No matter what you do, you have to realize, somebody has the ability and the knowledge to steal your car," said Officer Jim Woods of the Houston Police Department to ABC13. "They're going to be able to take it. There's not a whole lot you can do about it."

Automakers have made great strides in their efforts to combat cybersecurity issues, but not every hole is being filled in fast enough to make a difference. In fact, in order to increase help from the public, FCA's incentivized its bug-hunting efforts, partnering with Bugcrowd to offer bounties for folks who find holes in FCA software and alert the automaker to them.

Watch this: AutoComplete: Tesla's Q2 results are in, and it's a mix of good and bad