Categories: Electric Cars

Tesla Hack Lets Bad Guys Create A Spare Key For Your Car In Seconds

More and more modern vehicles use internet-facing and connected features in the name of convenience. The reality is that the convenience of these features can actually present a whole new attack surface for threat actors to exploit—that’s exactly what a team of security researchers at Mysk found in a new social engineering attack aimed at exposing a vulnerability in Tesla’s fleet of cars.

Security researchers at Mysk have found success in tricking users who utilize the free wireless internet broadcasted at many of Tesla’s Supercharging and Service stations. Rather than connect to the internet, the drivers are unknowingly providing the attackers with all of the details they need to create a key for their vehicle.

Get Fully Charged

Here’s how the attack chain works:

First, the researchers picked up a Flipper Zero. In case you aren’t familiar with these tiny tamagotchi-like devices, they serve as a penetration tester’s toolkit in a toy-like form factor for under $200. It’s the same device many script kiddies have used to spam iPhones with Bluetooth Low-Energy messages and open Tesla charging ports. With a simple daughter board, the Flipper can also broadcast a wifi hotspot which is the entire basis of Mysk’s attack.

The Flipper broadcasts the wireless network using the same name as the Supercharger wireless: “Tesla Guest.” An unsuspecting victim planning to use the wireless will then attempt to connect and is served up with a fake captive portal that looks like something officially from Tesla. But it isn’t.

Once the owners input their Tesla account details, the details are immediately pushed to the screen of the nearby Flipper Zero. If multi-factor is enabled on the owner’s account, the attacker then forces the user to be prompted for a multi-factor code. The code entered by the user is displayed on the Flipper and the attacker can log in as the user to the Tesla app on their cell phone.

The app will immediately see the location of the vehicle without authorizing their phone as a key. This could allow the attacker to get the location of where the car is parked and allow the attacker to return to the proximity of the vehicle to authorize their phone as a key when nobody else is around, or perhaps when the owner is sleeping.

Because this step doesn’t require an additional physical keycard authorization, the attacker is immediately granted access to the vehicle and can even bypass the PIN to drive function.

Mysk says that it reported this flaw to Tesla’s product team and received the following response:

Thanks for the report. We have investigated and determined that this is the intended behavior. The “Phone Key” section of the owner’s manual […] makes no mention of a key card being required to add a phone key.

The researchers recommend that Tesla re-visit this security vulnerability. Mysk specifically says that Tesla should consider making key card authentication mandatory when adding a new phone as a key and that it should notify owners when a new key is added.

In all, this is a pretty low-tech attack that simply requires proximity to the vehicle and a bit of social engineering to complete. I personally have never utilized Tesla’s wireless when Supercharging, but I’m sure there are plenty of people in more remote areas with low cellular coverage or those without unlimited data plans that might make use of it. That being said, it comes with a fairly heavy risk—losing your car. Fortunately, most stolen Teslas are recovered.

админ

Share
Published by
админ

Recent Posts

Led by Tesla, US EV prices dropped by 13% year-over-year in February

EV prices dropped by nearly 13% year-over-year in February, led in part by Tesla Model…

3 mins ago

Porsche Taycan Turbo GT makes its entrance with new lap record at Laguna Seca

By Simon Alvarez Posted on March 11, 2024 Porsche is expanding its Taycan lineup with…

23 mins ago

Mercedes A-Class to live on until 2026, may get EV successor

Within the face of slowing demand for electrical autos, Mercedes-Benz plans to maintain its present…

33 mins ago

Volvo Cars says its new partner will reduce its EVs’ charging time by 30%

Image: Volvo Cars Volvo Cars has partnered with Imperial College London spinoff Breathe Battery Technologies…

40 mins ago

2024 BMW iX xDrive50 Long-Term Intro: Powering Through Winter With Superb Range

You really don't know how a car drives until you run it in both good…

51 mins ago

Tesla Lithium Refinery construction making progress

By Zachary Visconti Posted on March 11, 2024 Tesla is making construction progress on its…

1 hour ago