TECH: Thieves Hack Chrysler’s Dealer Software to Steal Cars

Posted by

FCA Dealer Hacks

The news is full of stories about how thieves can access your car through your infotainment system software. There are also stories about how thieves gain access simply by replicating the codes sent by your key fob. Now even the software used by dealers is an issue as Fiat Chrysler Automobile’s dealer software is hacked by Texas thieves.

FCA was in the news last year for a hacking problem with the Uconnect software that controls its infotainment systems. The vulnerability let hackers in Pittsburgh access a Jeep Cherokee in St. Louis while the vehicle was moving. It was all done under controlled conditions to demonstrate the problem and FCA quickly eliminated the flaw in the software.

Now it’s a different piece of software called DealerConnect that was used by thieves in a string of thefts. A couple of guys in Houston, Texas stole over 30 Jeeps in six months until they were finally caught in the act by police.

Looking for a new or used car? Check out BestRide’s listing search here.

Micahel Arcee and Jesse Zelay used a laptop to start up the cars and drive away. They simply entered the vehicle identification number and reprogrammed the cars’ security systems to a generic key that was as good as the real deal as far as the cars were considered.

The thieves were after Jeep Wranglers, Jeep Grand Cherokees, and Ram trucks, which they stole and then transported over the border to Mexico in the middle of the night. By the time owners realized their cars were stolen, those cars weren’t even in the US any longer.

ABC13 in Houston says the investigation started last April when an owner captured surveillance footage of their car being stolen right from their driveway. The video showed the thief entering the vehicle and using a laptop for a few minutes before driving off in the stolen car.

Looking for a new or used car? Check out BestRide’s listing search here.

This ring likely involves more than only two men, but police are hopeful that it will help at least curb the issue and expect to have more arrests as the investigation continues. Homeland Security is investigating more than 100 FCA vehicles that they believe were stolen with this type of hack.

FCA has since changed up the terms of use for DealerConnect to reinforce that information in the system may not be shared and that not only would it cause harm to the company, but could be cause for criminal proceedings. There is no official comment from FCA on the case while the investigation into the thefts is still ongoing.