Endpoint Security , Hardware / Chip-level Security

Kia and Hyundai Fix TikTok Security Challenge

Vulnerability Potentially Caused Deaths and Thousands of Thefts in the US
Kia and Hyundai Fix TikTok Security Challenge
Interior of 2015 Hyundai Elantra (Image: Shutterstock)

Auto manufacturers Hyundai and Kia are rolling out a software update aimed at stopping an outbreak of car thefts caused by a trend on social media app TikTok.

See Also: OnDemand | Protecting Devices and Software from Next-Generation Cyberthreats

The "Kia Challenge" went viral on the short-form video-sharing app in mid-2022 after users dubbing themselves "Kia Boyz" discovered how to steal certain Kia cars made in 2011 through 2021 or Hyundai cars made in 2015 through 2021 using nothing except a screwdriver and a male USB Type A connector to turn the mechanical ignition.

The Kia Challenge works because vulnerable car models lack an engine immobilizer or a theft deterrent system. The raft of thefts attributed to the viral challenge led to at least eight deaths and 14 crashes, says the National Highway Traffic Safety Administration.

The software requires the key to be in the ignition switch for the engine to turn on. The Korean carmakers are updating the "theft alarm software logic" to extend the length of the alarm sound from 30 seconds to one minute.

The automakers have made engine immobilizers or anti-theft equipment standard for all models starting in 2022, USA Today reported in June.

Engine immobilizers, which require a wireless signal from the ignition key before the engine can turn over, have greatly decreased the rate of car theft over the past three decades. Cybersecurity company Kaspersky, in research published in 2020, said that they aren't foolproof against carjackers since the encryption used to encode transmissions between the ignition and ignition key can be "very weak."

Owners of the 2017-2020 Elantra, 2015-2019 Sonata and 2020-2021 Venue vehicles are eligible for the update starting this week. Other models, including the Kona, Palisade and Santa Fe vehicles, will be serviced starting in June.


About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.