Automakers Hyundai and KIA are rolling out an emergency software update to several of their car models impacted by an easy hack that allows them to be stolen.

“In response to the increase in thefts targeting its vehicles without push-button ignition and immobilizing anti-theft devices in the United States, Hyundai is introducing a free anti-theft software update to prevent vehicles from starting during a method of theft popularized on TikTok and other social media channels,” it read. Hyundai’s announcement.

The car hack has been heavily promoted on TikTok as a “challenge” since July 2022, with videos showing how to remove the steering column cover to reveal a USB-A slot that can be used to hardwire the car.

The problem lies with a logic flaw that allows the “turnkey to start” system to bypass the immobilizer which checks the authenticity of the code in the key’s transponder to the car’s ECU. This allows thieves to forcibly activate the ignition cylinder using any USB cable to start the vehicle.

The impact of the so-called “Kia Challenge” was so great that in Los Angeles both brands had a strong 85% increase in flights in 2022 over the previous year, while Chicago reported a nine-fold increase for the same.

The United States Department of Transportation (NHTSA) published an article yesterday explaining that the security flaw affects around 3.8 million Hyundai vehicles and 4.5 million KIA cars.

The agency also said these hacks resulted in at least 14 confirmed car crashes and eight deaths.

Software update in progress

Since November 2022, both automotive brands have been working with law enforcement across the United States to provide tens of thousands of steering wheel locks. Nevertheless, a software update will now better resolve the security issue.

The software upgrade will be provided free of charge for all affected vehicles, with the rollout starting yesterday on over one million 2017-2020 Elantra, 2015-2019 Sonata and 2020-2021 Venue cars.

The second phase of deployment will end until June 2023 and will concern the following models:

  • Focus 2018-2022
  • 2011-2016 Elantra
  • 2021-2022 Elantra
  • 2018-2020 Elantra GT
  • 2011-2014 Genesis Coupe
  • Kona 2018-2022
  • Palisade 2020-2021
  • 2013-2018 Santa Fe Sport
  • 2013-2022 Santa Fe
  • 2019 Santa Fe XL
  • 2011-2014 Sonata
  • 2011-2022 Tucson
  • Veloster 2012-2017, 2019-2021

The free upgrade will be installed at official dealerships and Hyundai’s service network in the United States and will take less than an hour. Eligible car owners will be notified individually by the car manufacturer.

The announcement explains that the software upgrade will modify the “turnkey to start” logic to turn off the ignition when the car owner locks the doors using the original key fob. After the upgrade, the ignition will only activate if the key fob is used to unlock the vehicle.

Hyundai will also provide customers with a window sticker that makes it clear to would-be thieves that the car’s software has been updated to neutralize social media-promoted hacking, discouraging any attempt.

For models without an immobilizer that cannot receive the repair software upgrade, Hyundai will cover the cost of steering wheel locks for their owners.

KIA also promised to begin rolling out its software upgrade soon, but has yet to release any announcements with specific dates or details.

Source link