03/04/2019
In a significant development for vehicle security, major automotive manufacturers Hyundai and Kia are proactively addressing a critical vulnerability that has unfortunately led to a surge in vehicle thefts. This issue, widely publicised through social media platforms, particularly TikTok, has enabled opportunistic thieves to steal specific models of Hyundai and Kia vehicles that are not equipped with push-button ignitions and immobilising anti-theft devices. This article delves into the nature of the hack, its impact, the ongoing software update, and what owners need to know to safeguard their vehicles.
The 'Kia Challenge' and Hyundai's Response
The problem centres around a specific method of theft that gained traction as a "challenge" on TikTok, starting around July 2022. Videos circulated online demonstrating how to bypass the ignition system by accessing a hidden USB-A slot, typically found within the steering column after removing a cover. This allowed thieves to effectively "hotwire" the vehicles, starting them without the correct key.
Hyundai, in a statement, confirmed its commitment to resolving this issue. "In response to increasing thefts targeting its vehicles without push-button ignitions and immobilising anti-theft devices in the United States, Hyundai is introducing a free anti-theft software upgrade to prevent the vehicles from starting during a method of theft popularized on TikTok and other social media channels."
Understanding the Security Flaw
At the heart of the problem is a logic flaw within the "turn-key-to-start" ignition system. This flaw allows the system to bypass the vehicle's immobiliser. The immobiliser is a crucial security feature designed to verify the authenticity of the key's transponder code against the car's Engine Control Unit (ECU). Without this verification, thieves could forcibly activate the ignition cylinder, using nothing more than a USB cable, to start the engine. This bypass renders the traditional anti-theft measures ineffective against this particular method.
The Devastating Impact of the Hack
The consequences of this vulnerability have been severe. In Los Angeles, for instance, the two brands experienced an alarming 85% increase in thefts in 2022 compared to the preceding year. Chicago reported an even more dramatic nine-fold rise in thefts during the same period. The United States Department of Transportation (NHTSA) has highlighted the gravity of the situation, indicating that approximately 3.8 million Hyundai vehicles and 4.5 million Kia cars are affected by this security flaw. Tragically, these exploits have not only led to property crime but have also been linked to dangerous situations, with the NHTSA reporting at least 14 confirmed car crashes and eight fatalities resulting from these thefts.
The Software Upgrade Initiative
Recognising the urgency, Hyundai and Kia have been collaborating with law enforcement agencies across the United States since November 2022. Initially, they provided tens of thousands of steering wheel locks to owners of affected vehicles. However, a more comprehensive solution has been developed in the form of a software upgrade. This free upgrade aims to permanently address the security loophole.
Rollout Schedule and Affected Models
The software rollout commenced with a significant wave of vehicles. More than 1 million vehicles from the 2017-2020 Elantra, 2015-2019 Sonata, and 2020-2021 Venue models were among the first to receive the update. The second phase of the rollout is scheduled to be completed by June 2023 and includes a broader range of models:
| Hyundai Models | Kia Models |
|---|---|
| 2018-2022 Accent | (Specific Kia models to be announced) |
| 2011-2016 Elantra | (Specific Kia models to be announced) |
| 2021-2022 Elantra | (Specific Kia models to be announced) |
| 2018-2020 Elantra GT | (Specific Kia models to be announced) |
| 2011-2014 Genesis Coupe | (Specific Kia models to be announced) |
| 2018-2022 Kona | (Specific Kia models to be announced) |
| 2020-2021 Palisade | (Specific Kia models to be announced) |
| 2013-2018 Santa Fe Sport | (Specific Kia models to be announced) |
| 2013-2022 Santa Fe | (Specific Kia models to be announced) |
| 2019 Santa Fe XL | (Specific Kia models to be announced) |
| 2011-2014 Sonata | (Specific Kia models to be announced) |
| 2011-2022 Tucson | (Specific Kia models to be announced) |
| 2012-2017, 2019-2021 Veloster | (Specific Kia models to be announced) |
Kia has indicated its intention to begin the rollout of its software upgrade soon, though specific dates and a comprehensive list of affected models have not yet been released. Owners are encouraged to stay informed through official Kia communications.
How the Software Upgrade Works
The free software upgrade will be performed by authorised Hyundai dealers and their service network in the United States. The process is designed to be efficient, taking less than an hour to complete. Once the upgrade is installed, the "turn-key-to-start" logic will be modified. Specifically, the vehicle's ignition will be disabled if the car owner locks the doors using the genuine key fob. Crucially, the ignition will only be able to activate if the vehicle is unlocked using the key fob, thereby ensuring that only the legitimate key can start the car.
Discouraging Future Attempts
Beyond the technical fix, Hyundai is also implementing a visual deterrent. Customers will receive a window sticker that clearly communicates to potential thieves that the vehicle's software has been updated and the vulnerability neutralized. This visible indicator is intended to discourage any further theft attempts.
What About Vehicles Without Immobilisers?
For models that do not have engine immobilisers and therefore cannot receive the software fix, Hyundai has pledged to cover the cost of steering wheel locks for their owners. This ensures that all affected customers have a means of protecting their vehicles, even if a software solution isn't feasible.
Frequently Asked Questions
Q1: Is my Hyundai or Kia vehicle affected by this theft issue?
A1: The issue primarily affects Hyundai and Kia vehicles that do not have push-button ignitions and immobilising anti-theft devices. The NHTSA estimates over 3.8 million Hyundai and 4.5 million Kia vehicles are impacted. Check the official recall notices from Hyundai and Kia for specific model year eligibility.
Q2: How can I get the software upgrade?
A2: Hyundai owners will be notified individually by the manufacturer regarding the rollout. The upgrade is performed free of charge at authorized Hyundai dealers. Kia owners should monitor official Kia communications for their specific rollout plans.
Q3: What if my vehicle cannot receive the software upgrade?
A3: For affected models that cannot be updated with the new software, Hyundai will provide complimentary steering wheel locks to owners.
Q4: Is the software upgrade a permanent fix?
A4: Yes, the software upgrade modifies the ignition logic to prevent the specific exploit method that has been popularized on social media, making the vehicles significantly more secure against this type of theft.
Q5: How long does the software upgrade take?
A5: The installation of the software upgrade typically takes less than an hour at an authorized dealership.
Q6: Has Kia announced specific dates for their software rollout?
A6: Kia has stated they will begin the rollout soon but has not yet released specific dates or details on affected models. Owners should await further official announcements.
Conclusion
The proactive steps taken by Hyundai and Kia to address this widespread vehicle theft vulnerability demonstrate a strong commitment to customer safety and security. While the "Kia Challenge" and similar exploits have caused considerable distress and financial loss, the free software upgrade offers a robust solution for many affected owners. It is vital for owners of potentially impacted vehicles to stay informed and to schedule their software updates or obtain steering wheel locks as soon as possible. By understanding the issue and taking the necessary precautions, owners can significantly enhance the security of their Hyundai and Kia vehicles.
If you want to read more articles similar to Hyundai & Kia Vehicle Security Update, you can visit the Automotive category.