Hyundai and Kia patch TikTok car theft hack

Hyundai and Kia are issuing emergency software updates to combat a USB hack that makes it easy to steal certain US car models.

It’s in response to the TikTok ”Kia Challenge”, which has been widespread on the platform since July 2022. Videos show users how to remove car steering columns and expose a USB-A slot that can be used to hijack the vehicle. F

“Hyundai is introducing a free anti-theft software upgrade to prevent the vehicles from starting during a method of theft popularised on TikTok and other social media channels,” Hyundai said in an announcement

The technology will launch as a service campaign for almost 4 million Hyundai vehicles from 14 February. The upgrade will roll out first to more than one million Elantra (years 2017-2020), Sonata (2015-2019) and Venue (2020-2021) models.

The United States Department of Transportation (NHTSA) stated the security flaw impacts another four-and-a-half million Kia cars.

Last year, Los Angeles witnessed an 85% year-on-year increase in thefts of Hyundai and Kia cars. According to the NHTSA, there have also been 14 confirmed car crashes and eight fatalities linked to the TikTok challenge. 

How does the update work?

The software upgrade modifies the “turn-key-to-start” logic to kill the ignition when car owners lock doors using the genuine key fob. Once upgraded, the ignition will only activate when the key fob unlocks the vehicle. 

Hyundai is also covering the cost of steering wheel locks for models with no engine immobilisers.

Hyundai’s official dealers and service network in the US will install the free upgrade, which reportedly takes less than an hour. Carmakers will notify eligible car owners. To deter potential carjackings, Hyundai is also issuing window stickers stating the car has been upgraded.

Kia plans to start a similar software rollout to prevent carjackings, but is yet to release any details.

Avatar photo
Eoghan O'Donnell

Eogan was a freelance reporter for, covering technology news across hardware, innovation and security. Now based in London, he is proudly Irish and fluent in Gaeilge.