Law enforcement authorities in France, in collaboration with Spain and Latvia, have disrupted a cybercrime ring that leveraged a hacking tool to steal cars without having to use a physical key fob.
"The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away," Europol said in a press statement.
The coordinated operation, which took place on October 10, 2022, resulted in the arrest of 31 suspects from across 22 locations in the three nations, including software developers, its resellers, and the car thieves who used the tool to break into vehicles.
Also confiscated by the officials as part of the arrests were criminal assets worth €1,098,500, not to mention an internet domain that allegedly advertised the service online.
Per Europol, the criminals are said to have singled out keyless vehicles from two unnamed French car manufacturers. The perpetrators then used the fraudulent package to replace the original software by marketing it as an "automotive diagnostic solution."
Once installed, the tool made it possible to open the car doors and start the ignition sans the key fob. The agency did not reveal more specifics on how the attacks were carried out.
Are you aware of the risks associated with third-party app access to your company's SaaS apps? Join our webinar to learn about the types of permissions being granted and how to minimize risk.RESERVE YOUR SEAT
Eurojust, in an independent press release, noted that the organized crime group "used fraudulent software to steal vehicles by duplicating the vehicles' ignition keys," adding "more than €100 million, as well as 12 bank accounts, real estate, and three luxury cars were seized in France."
Europol further stated the investigation was initiated by the French Gendarmerie's Cybercrime Centre (C3N), with the E.U.-wide law enforcement agency assisting the case since March 2022.