Cybersecurity researcher demonstrates how to hack a Tesla via Bluetooth flaw


Thibaut Keutchayan

May 21, 2022 at 09:00 a.m.

13

tesla hack hack flaw disc

© Shutterstock

Originally, Sultan Qasim Khan is a UK cybersecurity researcher for NCC Group. Now he can also open and start your Tesla pretending to be you.

If the risk of exploiting the vulnerability of Bluetooth Low Energy (BLE) is minor, Khan nevertheless wishes to alert Tesla and the many firms that use this technology.

Your Tesla unlocks… without you!

The alert level is not maximum, but it is always good to be informed. In this month of May 2022, Sultan Qasim Khan managed to open and start two Tesla vehicles, a Model 3 from 2020 and a Model Y from 2021, while he is not the owner. Normally, these electric cars unlock when the holder of the connected key fob and/or a smartphone with the Tesla app with the necessary information is nearby.

However, Sultan Qasim Khan only needed to develop an ingenious system comprising two relays, his personal computer and his iPhone 13 on which is installed an earlier version of the Tesla application to succeed. As if by magic, with an investment of one hundred dollars (for the two relays) and in just ten seconds, the NCC Group researcher manages to open the cars. A demonstration can be seen in the video below, while nearly 200 other vehicle models using BLE technology are also affected.


Concretely, Khan’s first relay is located near the Tesla, and the second close to the real owner and his smartphone. The first relay sends an identification request signal to the Tesla and picks up its response, which it sends back to the second relay. A false code developed by Khan then allows the request to be transmitted to the phone of the legitimate owner, which emits a signal validating the unlocking. Khan collects the positive signal with the second relay, which transmits the information to the first relay located near the Tesla, and thus unlocks the car. The result would be the same with an Android smartphone.

Other affected smart devices

Khan explains in particular to Bloomberg News than potential thieves could drive to any house at night – if the owner’s phone is at home – with a Bluetooth passive entry car [comme les Tesla testées par Khan, ndlr] parked outside and use this attack to unlock and start the car “.

However, as the cybersecurity researcher explains, this malice is not only the prerogative of Tesla vehicles, but also of a whole bunch of devices designed to reinforce security. This is for example the case of connected locks. The Kwikset company thus reacted by announcing that it would update its Android application this summer to avoid any risk. As for Tesla, no official reaction is yet known, but the risk of hacking being low and the version of the previous app, not sure that the firm is not working to resolve this vulnerability immediately.

Sources: Ars Technica , Fortune, InsideEVs



Source link -99