Vehicle thefts near Ramstein spotlight keyless entry vulnerabilities

A Mercedes-Benz SUV with a keyless system at Kleber Kaserne, Germany. German police and the 569th Police Squadron at Vogelweh are investigating recent car thefts in the Kaiserslautern area. They are advising car owners to be alerted of suspicious activities.



KAISERSLAUTERN, Germany — U.S. military and German police are warning drivers to secure their vehicles and electronic fobs following two high-value thefts from a small village near Ramstein Air Base earlier this week.

Two cars were stolen overnight Tuesday in Mackenbach. One of the vehicles, a 2018 white BMW X5 SUV, belonged to an American, according to reports from the Kaiserslautern police and the 569th U.S. Forces Police Squadron at Vogelweh. The other car was a German-owned Audi A5.

Both vehicles were parked on the same street, Auf der Platte, police said.

“It is not unusual (in) this area that cars are stolen,” Kaiserslautern police spokeswoman Christiane Lautenschaeger said. “But two cars in one night in the same village and the same street, this sticks out.”

The 569th is investigating the incidents with the Kaiserslautern police.

Lautenschaeger said they have no suspects, but investigators believe that criminal groups may be using technology to gain access to keyless cars, such as newer-model BMWs, by cloning key fob signals and enabling the “push-to-start” feature of the vehicle, Maj. Tyler Hughes, 569th U.S. Forces Police Squadron commander, said in a statement to Stars and Stripes.

Keyless cars can be unlocked and started automatically when the fob is close by.

American BMW owners were victims in a string of keyless car thefts in the Kaiserslautern area in September 2017. A BMW X5 was stolen from an American living in Hohenecken, while another American had a BMW X6 stolen from Queidersbach.

But keyless BMWs aren’t the only ones at risk. Hundreds of keyless models were found to be vulnerable to a “keyless hacker attack” in a recent test conducted by the German General Automobile Club, or ADAC.

Of 237 models examined, 230 could be stolen in seconds using devices found in most electronic stores or online very cheaply, said the ADAC report, published last month.

Only models built by Jaguar Land Rover were impenetrable to the hacking technology, the ADAC study found.

Thieves can build devices that extend the signal range of the key fob by hundreds of yards, allowing them to open and drive off with the car. The ADAC study noted this signal hacking is possible if the key is in the house or “in the pants or jacket pocket” of an owner.

Once the engine is running, it usually remains in operation without a key if there is fuel in the tank. The car can be refueled while the engine is running, the report said.

Hughes recommends keyless car owners park in a locked garage or well-lit area; and secure their key fob in a box or container that prevents the signal from reaching the vehicle. Using a mechanical steering wheel locking device is another suggestion, Hughes said.

Wrapping a key in tin foil is not a reliable remedy, says ADAC, since the radio waves can pass through it.

The Kaiserslautern police released the license plate numbers of the two cars stolen from Mackenbach: The BMW X5 has the license plate number KL-PD 332 and the Audi A5 has the license plate number KL-DB 911. Kaiserslautern police ask that anyone with information about the thefts call: +49(0) 631- 369 – 2620; or call the KMC Law Enforcement Desk to report suspicious activity: +49 (0) 631-536-6060/7070.



from around the web