With only 100 USD and 10 seconds, the security expert successfully unlocked and started the Tesla electric car
Tesla users love the electric utility vehicle’s keyless feature, but security researcher Sultan Qasim Khan has given the community reason to worry. In the latest test, the NCC Group consultant found that keyless technology is the key for hackers to gain access to the systems of some Tesla models.
According to Mr. Khan, a hacker could use this hack to gain access to Tesla Model 4 and Model Y systems; he was able to unlock, and start the car successfully.
Talking to Bloomberg, Khan explained that by directing the signal between the user’s phone, or any other remote control device (key FOB), crooks can trick the login system, causing the system to fail. It thinks the owner of the car is within close range.
Key fob remote control (key FOB) of Tesla vehicles.
According to Mr. Khan, this attack method is not only effective for Tesla cars. He only used Tesla cars as research subjects, hitting the Bluetooth Low Energy (BLE) connection protocol. So far, there is no evidence that crooks have successfully used this method to hack Tesla cars, and the manufacturer has not made an official statement.
After finding the potential vulnerability, Mr. Khan provided the information to Tesla. However, the representative of the electric vehicle company said that the error was not serious. According to Khan, Tesla will have to fix the part as well as update the keyless access system to patch the security hole.
The new information is yet another blow to Tesla’s security system. Not long ago, security researcher David Colombo demonstrated how to hack Tesla functionality to get permission to close, open doors and adjust music player volume.
Screen interface of Tesla electric car.
The BLE protocol was originally designed to connect devices over the Internet, but according to Khan, this is also a backdoor that allows hackers to unlock smart technologies, such as door locks, cars, electricity. phone or laptop. NCC Group claims that they have successfully applied this hack method on many smart cars as well as other similar technologies.
In the test, witnessed by Bloomberg reporters, Mr. Khan performed the hacking process with two small devices used in communication waveguides. To unlock the car, Khan placed a transponder about 13 meters from the remote control device (in this case, a smartphone), and a second transponder attached to Khan’s laptop. He performed the hacking process while sitting next to the target vehicle.
The hacking process uses a piece of software written by Khan himself, specifically designed for Bluetooth tuner devices. The cost of the necessary hardware and self-written software is only about $100, and the devices are sold online. According to Khan, when enough equipment is in hand, Tesla electric cars will be hacked within 10 seconds.
“Fraudsters can approach your house at night – in case the homeowner’s phone is in the house […] and perform this attack then start the car‘, Mr. Khan warned. “Once the device is placed near the remote unlocking device or mobile phone, crooks can send requests for the vehicle from anywhere in the world.“.
at Blogtuan.info – Source: cafebiz.vn – Read the original article here
