Last year in a Wired report, a duo of computer geeks showed the world they could hack into and immobilize a Jeep Cherokee with nothing more than a laptop, prompting Chrysler to later recall 1.4 million vehicles. Clearly these cars have some cybersecurity issues, because police say two intrepid hackers in Houston used a laptop and pirated software to steal more than 30 Jeeps and Dodges, according to local news reports.
Police in Houston arrested two men suspected of hacking into and then stealing the vehicles over a six-month period, TV station ABC 13 reports. These guys had been on the run for a while, but last Friday, cops caught them red-handed right in the middle of a hack-and-jack.
Police used this video to track down the suspects, Michael Arcee and Jesse Zelay:
Once they identified the suspects, police started tailing them and recording their every move. And last week, the cops caught the two guys in the act—stealing Jeeps in the Memorial area of Houston.
Investigators told ABC 13 that the suspects hooked the laptop to the cars (many of which were unlocked), then used pirated software to somehow turn them on and just drive the away.
Police are now investigating exactly how the two guys broke into the Jeeps and Dodges, but based on the original Wired story from a year ago, they likely got through to the ECU via the UConnect infotainment system. But hacking into more than 30 cars and getting enough control to actually drive them away seems questionable to me, so we’ll have to see what the official investigation reveals.
Update: Fiat Chrysler has sent in a statement:
FCA US takes the safety and security of its customers seriously and incorporates security features in its vehicles that help to reduce the risk of unauthorized and unlawful access to vehicle systems and wireless communications. FCA US has been cooperating with Houston Police Department since they first started the investigation. This investigation is ongoing and as such, the Company has no further comment.