As a software developer, my first thought was why doesn't the security ECU send error frames when someone else is using its own address? Then I saw the teardown of the hacking device and it makes sense. They didn't just use a microcontroller and a transceiver. They used a modified transeiver that applies a short-circuit to the CAN bus to force send a 1 when the security ECU wants to send a 0, and the engine ECU will accept the packet because it was built assuming a malicious device would just send bad data, not bad data + a short-circuit. This is hardware hack just as much as a software hack.

My Mercedes needs open heart surgery to get to the wiring hardness on the headlights.

My car was stolen in 5 minutes using this hack. They even cut off my steering wheel lock

Just down the road from me, a neighbor had hints that someone was checking out his almost brand new Lexus. So, on a warm summer Saturday night, he was ready. He put two of his 'babies' in the back seat under a big blanket. The thieves broke the lock on the small driveway gate in and were just about to pull out of the driveway, when Rottweiler #1 and Doberman #1 decided to get up from the back seat floor and kiss the guys ear. At that the chase was on. As well, Rottweiler #2 and Doberman #2 joined in the fun. The thieves were caught and spent quite awhile in hospital healing from their wounds. From there they have a meeting with some nice police men who want to have a little chit chat with them and a judge who also wants to have a wee little talk with them. Now, I heard via the grapevine that the baddies tried to sue the owner of the Lexus but was laughed out of court. I gotta get me some cute little doggies.

The CAN bus took the place of what the ignition switch used to do? All of electronics run through the ignition switch in most vehicles.

First thing you can do is modding. First take apart the front and reinforce it and bolt it back on from the inside so it can no longer be popped off without the hood open. Second, buy a extension for both headlights and reroute the wire through the engine bay inside a metal pipe. Third, install extremely loud collision alarms around the headlights and front panels. Forth, use a cloud based cam system with interior hidden camera with sound. Install hidden GPS trackers. You can even create a CANBUS killswitch

This car theif would not breath again if I saw him

Saw a lot of Lexus’ being stolen like this, I really wonder why police don’t bait and arrest the buyers/dealers of stolen cars who create a market for stolen vehicles.

The name can bust is crazy lol whoever agreed to make all cars have this feature knew eventually thieves will learn about it

Why would the automakers rush to patch it? More incentive to buy another vehicle if it gets stolen. Just get good insurance. I wish there's a new car with removable steering wheel that just plugs in and out easily.

Best way to stop the thieves? good old fashioned cut out switch, probably the best and cheapest security gadget you can have.

Also lot guys use repeater keyless

Just how are you to access the headlight wiring? it's deep inside the vehicle, more likely they will clone your key then drive it to a secure shop where they can access and reprogram the Can-Bus for export to Africa.

How do car owners get information on updates to prevent this from happening

Get yourself an IGLA or Starline i96 immobilser, It blocks Can Bus Injection and Relay attacks. It uses factory buttons as a pincode. Only the owner knows the pincode.

Candy's Dandy but Liquor's Quicker...

I wish they would steal my beat up 2012 Corolla LE with 183k miles on it. Give me a reason to upgrade my car, but the darn car is so durable it won’t die SO I KEEP ON DRIVING IT

Would an install of the Ghost II Immobilizer stop this type of auto theft.

Turn off your key FOBs. Use a steering wheel lock/club. Nothing's foolproof but if your car looks like it's going to be too much trouble for a thief, he'll move on to the next one.

Lol, my 30 yr old vehicle has headlights that have no connection to the ECU... good luck getting my vehicle this way. It's still a super easy vehicle to steal though. If you can turn the starter switch, it will start, simple as that... so the brute screwdriver trick works on my vehicle so... my truck may get the last laugh on this specific vulnerability... but that's a small consolation in comparison to having been laughed at for years by cars that have long surpassed my vehicle's level of security so... uh, yeah. Don't take my cocky laughter as anything other than me still being way less secure than you probably are, but still enjoying a small sliver of a silver lining in my storm cloud...

Not in mine. My ignition is disable by this tech. So FU to the thieves.

If the battery is NOT CONNECTED will the thief's tool work?

Avoid buying the top five most stolen makes in USA/Canada: Acura/Honda, Lexus/Toyota, Jeep/Dodge, Land Rover and Ford. Next, use a steering wheel club lock. And if you can, stick to older vehicles with physical, metal ignition keys - you can still get nice VWs, Nissan, Subarus, GM and others from 2018 or so thus equipped. This will decrease the odds of your car being stolen. Bonus points if you drive a manual transmission. For example, no one in Africa wants your 2017 Mitsubishi Outlander with 2wd and manual shift.

Yeap they just got my new Camaro SS the other night

Pin to drive and no normal can bus Tesla.

You would think The FBI would have fun watching hackers and snatching them up. Why don't they mention it?

Stock with 2010 and under model any brand gas car ....there a way even thieves can get in car ....but only the owner know how to make car drive long distance

Just get in the habit of pulling a few key fuses on your car like the fuel pump for example, without that the car wont even run for you..

More calculated by the min I swear! I hate thieves go get a fucking job! If you’re able to do all this with technology imagine wat u can do in the working world with it?

Autotrader using scare tactics so folks will buy used cars instead of new cars. LOL. It is easier to "break in" to the passenger compartment than getting to the headlight wiring harness.

@ashleybrown889