Multiple models under the Hyundai and Kia brand can be stolen using just a USB cable
Hyundai and Kia cars manufactured before 2022 can be stolen very easily. It is so easy that the tool you need to steal is just a USB cable. As per reports, over 38 lakh Hyundai cars and 45 lakh Kia cars are affected by this flaw. That means more than 83 lakh cars from Hyundai and Kia in the US, are affected.
What Is The Flaw?
In order to steal any of these affected cars, all you have to do is remove the steering column cover. This will give you access to the ignition cylinder and the keyhole. Taking this cylinder off, will reveal a ledge sized starkly similar to a USB-A cable. This is where the USB-A cable comes in. Jamming this cable into the ledge and turning the cable like a key, will start the engine. As easy as that.
Stealing Hyundai and Kia cars became a challenge on TikTok in the US. The videos went viral, resulting in thousands of cars reported stolen. In most cases, the cars are only stolen for the purpose of finishing the social media challenge. In some cases, thieves drove them rashly, banging them around, like in video games.
Only Hyundai and Kia vehicles with mechanical keys manufactured before 2022 are prone to this hack. Some vehicles didn’t get an immobilizer chip in them. Even in vehicles with immobilizer chips, this hack bypasses authentication as it has “turn key to start” logic baked in. Vehicles with push-button start are safe. Insurance companies have refrained from insuring vehicles with this issue too.
A software patch. Yes. As simple as the problem is, the solution is equally simple. Hyundai and Kia have already started installing this software patch in some of their affected models. By the end of this year, the updated software will be installed in all of the 83 lakh affected cars in the US.
Hyundai has stated in response to these car thefts that there will be a free software patch for vehicles with immobilizers disabling “turn key to start” logic which is bypassing immobiliser authentication. A new logic has been added to the security. Ignition will be killed when the car’s owner locks the door using a genuine key fob. Ignition can only be started if it is unlocked by a genuine key fob.
Along with it, Hyundai will provide a free sticker on the windshield stating the car’s software is updated. This should discourage enthusiastic thieves from attempting to steal the car. For cars without immobilizers, Hyundai is bearing costs of 3rd party steering locks bought by owners.
Hyundai cars manufactured between 2015 and 2021, Kia cars manufactured between 2011 and 2021 are prone to this hack. Cars affected by this issue include Venue, Tucson, Accent, Elantra, Genesis, Kona, Palisade, Santa Fe, Sonata, Veloster, etc.