Kia, Hyundai, and Genesis EVs Are Under Attack
Kia, Hyundai and Genesis electric vehicles are being targeted by thieves who are exploiting a number of vulnerabilities in the cars’ security systems.
By using handheld hacking devices or even by accessing Kia’s website criminals are able to drive off in a matter of seconds.
I should know. In the early hours of a Monday morning my Kia EV6 was taken from my driveway. Footage from a doorbell camera only captured the moments after the thief had unlocked the car, although my son witnessed the villain standing by the driver’s door for perhaps 30 seconds prior to that.
Within a minute of driving away access to tracking via the Kia Connect app was disabled and the car has not been recovered.
Exactly how it was unlocked and driven away I’ll never know, but given the speed of the theft it is likely to be down to one of two methods.
In the first technique criminals use a handheld device disguised to look like a GameBoy. Touching a door handle would normally activate a handshake protocol between the car and the owner’s key, but the device contains software running an algorithm that calculates the correct code to unlock the vehicle.
“The tool in question is an emulation device, but its sophisticated composition includes a multitude of radio transmission components, designed by hackers in Europe to resemble the classic Nintendo portable console,” explains vehicle crime consultant Dr Ken German.
“This device, usable as soon as the car is woken up by a touch of the door handle, triggers a dialogue protocol between the car and what should be the owner’s key. In a few seconds, it manages to fool the car’s system by simulating being a legitimate key thanks to a specific algorithm. Once the car is unlocked, it can then be started and driven away without incident. To prevent tracking, the vehicle’s connectivity modules are often disabled afterwards, making GPS or manufacturer app tracking impossible. The Hyundai Ioniq 5, Kia EV6, and Genesis GV60 models are mentioned as being among the most vulnerable to this type of instant theft.”
It’s also possible that a signal from the key was captured at some point, however, since the key was inside a signal-blocking Faraday pouch, also inside a Faraday box, that can’t have happened at home.
Most worrying of all is a hack that exploits the car’s internet-connected features. Wired reports of a flaw in the web portal that could allow criminals to trace and unlock a Kia remotely just by entering its number plate into the system.
“Thieves know more about cars than the actual manufacturers,” warns German.
The official line from Kia is that “Cars manufactured since February 2024 have received the necessary hard- and software combination to significantly reduce the risk of being stolen using “keyless” methodologies.” My car was a 2022 model and Kia has not offered advice or warnings to customers of these earlier cars.
“The irony is that most of the people who want stolen cars now don’t want EVs,” adds German. “If they do, it’s basically for the batteries which they sell on.”
Is the device you’re talking about a flipper zero? I read the story because I’m in the market for a Kia ev9 to replace my 5-year-old Tesla model 3. One of the features I enabled in my Tesla is you need a pin to drive off. Even after you use your key card or your phone to unlock the vehicle and get in, it asks for a four-digit pin on screen to put the car in drive. I’m surprised other manufacturers haven’t implemented this option. It would be an easy fix to this concerning situation.
Easy fixes don’t seem to be Kias forte……
I see what you did there…
The Soul of a good comment is the humor. That comment was a real Stinger.
I would take it further, but it’s a start.
Back in the 1800s horse thieves and cattle rustlers were hung. Maybe we need to do the same to car thieves. You would think after Kias and Hyundais last go round with easy car thefts they would try to prevent this from happening again – their reputation is really hurting their sales.
Will adding theft coverage premium on your Kia be helpful on your lost?
My own 11 year old Kia Soul (what a soul-less appliance) is immune to such trickery. It even had a manual transmission, so in the unlikely event that anyone wanted to steal it, they’d need a flatbed to haul it away.
Kia/Hyundai/Genesis theft rates are so bad that several large national auto insurance carriers (Progressive, State Farm, Allstate) refuse to insure them in many markets. This was a result of the last rash of thefts. This isn’t going to help matters. If customers can’t insure their cars, Kia/Hyundai/Genesis will not be selling very many until they get this fixed.
Just Go Back To Good Old Keys And Steering/Handbrake Locks, Also Every Vehicle Should Have An Number Key Pad For Immobilizer. Simple
Also need to be aware of the paint peeling problems with mostly, but not all, white or pearl colors on Hyundai and Kia vehicles. The companies will not remedy this problem and its been reported in USA, Canada, Australia and other countries. Claims have been made to home corporations which are denied after they have you go to the dealership for photos. If you are lucky enough to have them cover the cost of painting they only repaint spots peeling and areas will peel again along with new areas peeling. They also will only cover 50, 60, 70% of the cost. We’ve had pictures taken 3 separate times due to new areas peeling and older areas getting bigger. I’m making another appt for pictures very soon for the 4th time in a year! We’ve been denied by Hyundai corp so now we have to see if our dealership will repaint under “goodwill”. Not a good look for Hyundai when people see our vehicle with VERY LARGE peeled spots on our 2019 Santa Fe. A news reporter in Nashville TN reported on this issue and Hyundai stated this problem is few and far between!!! Not true!
Yeah, I’m constantly annoyed by this march toward ever complex tech for tech’s sake. Yes lock cylinders can be picked but I’m happy to carry this little piece of toothed metal around knowing the modern thief will choose an easier target.
Totally agree. Thanks for stating the problem many do not seem to acknowledge.