Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Transportation Databases

Motorcycle Gang Busted For Hacking and Stealing Over 150 Jeep Wranglers (bleepingcomputer.com) 83

An anonymous reader writes: "The FBI has arrested members of a motorcycle gang accused to have hacked and stolen over 150 Jeep Wranglers from Southern California, which they later crossed the border into Mexico to have stripped down for parts," reports Bleeping Computer. What stands apart is how the gang operated. This involved gang members getting the Jeep Wrangler VIN (Vehicle Identification Number), accessing a proprietary Jeep database, and getting two codes needed to create a duplicate replacement key. Gang members used one code to cut the key, while they used the second code while stealing the car, connecting a handheld programming computer to the car, and programming the replacement key's chip, synchronizing it to the car's dashboard. All of this took under 2 minutes and was also possible because Jeep Wranglers allow thieves to pop the hood from the outside of the car and disable the alarm even before using their non-authenticated replacement key. Officials say that all the database queries for the stolen VIN codes came from a Jeep dealer in Cabo San Lucas, Mexico. Court documents don't say if the dealer cooperated or gang members hacked its system. The motorcycle gang's name was Hooligans and the sub-unit that stole the Jeeps was named Dirty 30.
This discussion has been archived. No new comments can be posted.

Motorcycle Gang Busted For Hacking and Stealing Over 150 Jeep Wranglers

Comments Filter:
  • by Anonymous Coward
    Those British soccer fans are WAY out of control at this point.
    • by Tablizer ( 95088 )

      You'd think smart hackers would have enough brain power to find a better gang name.

      • Re:Hooligans (Score:5, Insightful)

        by dunkindave ( 1801608 ) on Wednesday May 31, 2017 @07:18PM (#54522181)
        I doubt the gang did the hacking. There is probably a person or group who figured out how to do this hack, then sold the info and devices with instructions to the gang who used it. It's a lot like hackers of old versus script kiddies today. A couple decades ago to hack a system normally meant the hacker had the skills and understanding, but today it is often just a person who knows how to run a program that someone else wrote.
        • by michelcolman ( 1208008 ) on Thursday June 01, 2017 @01:50AM (#54523553)

          Or the gang has one member who sits in a dark apartment room surrounded by computer screens full of green text and who's in constant contact with them over a secret radio frequency.

          • That looks vaguely like "hacking" in Fallout...

            Seems like every time the TV news needs a graphic for hacking they use the Fallout one... I find that hilarious and it makes me feel a bit smug all at the same time, win win!

        • by tlhIngan ( 30335 )

          I doubt the gang did the hacking. There is probably a person or group who figured out how to do this hack, then sold the info and devices with instructions to the gang who used it. It's a lot like hackers of old versus script kiddies today. A couple decades ago to hack a system normally meant the hacker had the skills and understanding, but today it is often just a person who knows how to run a program that someone else wrote.

          Or they simply got an employee to do it for them. Dealers have access to the datab

        • A "couple decades ago" hackers chopped wood, or someone else's bugs. When "hacking" got conflated with "cracking" there were plenty of script kiddies already.

          As for illiterate Hooligans manning weapons they don't understand, those have been around since cracking exists, be it of systems, or skulls (cf. Space Odyssey).

      • I bet you're the kind of guy that likes his email server to be called "hermes" or "isimud", instead of, you know, "mail".

    • Re: Hooligans (Score:2, Informative)

      by Anonymous Coward

      The name comes from a notorious Irish family.

  • by k3vlar ( 979024 ) on Wednesday May 31, 2017 @07:16PM (#54522165)

    [...] possible because Jeep Wranglers allow thieves to pop the hood from the outside of the car and disable the alarm even before using their non-authenticated replacement key.

    There's your main problem right there.

    • by dunkindave ( 1801608 ) on Wednesday May 31, 2017 @07:23PM (#54522199)

      [...] possible because Jeep Wranglers allow thieves to pop the hood from the outside of the car and disable the alarm even before using their non-authenticated replacement key.

      There's your main problem right there.

      If you look you will find that a lot of car hoods can be opened by inserting the right tool through the grill to access the locking mechanism. It's a lot like how a slim jim can get you in through the door.

    • by Anonymous Coward

      Really? That is the main problem? Not the fact that you can generate a replacement key from VIN?

  • Low-tech solution (Score:4, Interesting)

    by TWX ( 665546 ) on Wednesday May 31, 2017 @07:21PM (#54522189)

    How about a low-tech solution of blocking the visible-under-the-windshield VIN with a piece of paper? Is that legal? It seems like it would help reduce the problems, or at least make the thieves more inclined to move on to a different vehicle.

    • How about a low-tech solution of blocking the visible-under-the-windshield VIN with a piece of paper? Is that legal? It seems like it would help reduce the problems, or at least make the thieves more inclined to move on to a different vehicle.

      In California it is illegal, but you can use the CA DMV website to look up the VIN if you have the license plate number, so covering the VIN would just add one more step for the crooks.

    • Re:Low-tech solution (Score:4, Informative)

      by TheGavster ( 774657 ) on Wednesday May 31, 2017 @08:07PM (#54522403) Homepage

      On my car, the VIN is also etched into the corner of each of the glass pieces. Since you also need to regularly supply a VIN for registration, service, and even sometimes to take the car onto a private lot, the best thing would be for Chrysler to require something more private in order to get the codes for the key and the computer :/

    • by slazzy ( 864185 )
      Another good idea would be adding a contact switch to the hood, so the alarm will go off when the hood is opened. Jeep should have done this from new.
  • lets will be facing more time then killing someone under the poor hacking laws.

    Pro tip just take the deal to get a few a few GTA's on you rap sheet.

  • Dirty 30 was a lot cooler before he turned 55...

  • I think it's time. (Score:5, Insightful)

    by Gravis Zero ( 934156 ) on Wednesday May 31, 2017 @08:34PM (#54522537)

    It's time that you should be able to program your car with your own codes because obviously dealerships cannot be trusted to secure them.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      It's time that you should be able to program your car with your own codes because obviously dealerships cannot be trusted to secure them.

      Nothing is stopping you from having the locks changed the day you buy it. Changing codes is normally harder, sometimes requiring changing out the computer.

      • It's time that you should be able to program your car with your own codes because obviously dealerships cannot be trusted to secure them.

        Nothing is stopping you from having the locks changed the day you buy it. Changing codes is normally harder, sometimes requiring changing out the computer.

        Uh yeah, nothing is stopping you, except for the fact that "locks" these days are in fact codes, because many cars aren't coming with physical keys anymore. They're configured with wireless keyfobs instead. Not even an ignition key. My cars have been that way for 10 years now.

  • Stealing jeeps? What idiots. At least steal Teslas.
    • by gl4ss ( 559668 )

      they had access to the key db of jeep(chrysler?).

      and well, they had to have the range to drive all the way to mexico without phoning home.

    • Teslas have almost no market for used parts. Maintenance is always done by Tesla service centers. And Teslas are such a tiny portion of the market that even if this weren't the case, no one would want the parts because of the lack of market penetration; it's the same reason no one steals Rolls-Royces for parts.

      It seems that the "Hooligans" are a lot smarter about basic economics than you are.

      Finally, I applaud this biker gang: they're doing a real public service by removing those shitty Jeep Wranglers fro

  • The motorcycle gang's name was Hooligans and the sub-unit that stole the Jeeps was named Dirty 30.

    Sounds like a great movie plot. F9 of the Furious, here we come!

  • ...many cars can be stolen this way. I believe that the Wrangler were targeted because they are valuable in Mexico, not because they were particularly hackable. There have been several slightly older model BMWs stolen in my neighborhood using very similar techniques, key cutters and black market OBD software and VIN databases. Just wait until they can just unlock and start a car remotely via the car's wireless data connection...
    • I believe that the Wrangler were targeted because they are valuable in Mexico, not because they were particularly hackable.

      Whatever the particular reason, I for one applaud the Hooligan biker gang for performing this valuable public service of removing Jeep Wranglers from US territory. I hope they'll improve their hacking skills to include all Chrysler models. It'd also be nice if they'd steal the last few remaining Pontiac Azteks and ship those to Mexico too (or better yet, some cooperative junkyard whe

Time is the most valuable thing a man can spend. -- Theophrastus

Working...