Hyundai and Kia cars could be stolen with just a USB cable

News
By Craig Hale
published

There’s a patch coming, but it could take months for some

Hyundai Palisade 2020
(Image credit: Hyundai)

As many as four million Hyundai vehicles without push-button start and immobilizing anti-theft devices in the US are being targeted in the latest round of automotive attacks, with TikTok getting the blame.

The so-called ‘challenge’ on social media has uncovered how criminals can remove the steering column cover of certain models, uncovering a USB port that they can use to hotwire the car.

According to Los Angeles officials, the ‘Kia Boyz’ challenge resulted in a substantial 85% increase in the theft of Hyundai and Kia models compared with the previous year (via CNBC).

TechRadar Pro needs you!
We want to build a better website for our readers, and we need your help! You can do your bit by filling out our survey and telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.

D. Athow, Managing Editor

Hyundai and Kia thefts

In an announcement, Hyundai said that “all Hyundai vehicles produced since November 2021 are equipped with an engine immobilizer as standard equipment”. Despite this, the list of affected models is extensive:

  • 2017-2020 Elantra
  • 2015-2019 Sonata
  • 2020-2021 Venue
  • 2018-2022 Accent
  • 2011-2016 Elantra
  • 2021-2022 Elantra
  • 2018-2020 Elantra GT
  • 2011-2014 Genesis Coupe
  • 2018-2022 Kona
  • 2020-2021 Palisade
  • 2013-2018 Santa Fe Sport
  • 2013-2022 Santa Fe
  • 2019 Santa Fe XL
  • 2011-2014 Sonata
  • 2011-2022 Tucson
  • 2012-2017, 2019-2021 Veloster

The first three models emphasized in italics in the above list are already eligible for a software update, which must be performed at an authorized dealership and can take as long as an hour. The remaining models are expected to get a patch by June 2023.

In the meantime, Hyundai promises to be distributing free steering wheel locks to law enforcement agencies, which are to be supplied to owners and leasers of affected models. It will also install window stickers on fixed vehicles to notify criminals of their upgraded security. However, there are some models that cannot accommodate the software fix. The company says:

Read more

> These are the best endpoint protection software choices around today

> Why API cyber attacks are one of the biggest threats this year

> Apple releases security fix for iPhone and Mac zero-day flaw, so update now

“For these customers, Hyundai is finalizing a program to reimburse them for their purchase of steering wheel locks. Hyundai will provide these customers with more detail in the very near future.”

Hyundai has set up a dedicated website for owners of the affected vehicles to check their vehicle identification numbers (VINs) and schedule the service.

Kia (part of the Hyundai Motor Group) is also reportedly affected by the hack and is due to issue a statement soon (via Bleeping Computer).

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!