An expert cybercriminal could hop into your Tesla's system and drive it if they're nearby, thanks to a video showing how it can be hacked. Originally reported by Ars Technica, the exploit involves manipulating Tesla's relatively new feature of last August.
By using near-field communication (NFC) key card to open the car door, drivers can turn the vehicle on. All Tesla Model 3 vehicles come with these cards, which interact with the car's computer system via short-range radio-frequency identification (RFID) signals.
As soon as the driver puts his or her foot in the seat, the car starts up all on its own after 130 seconds. The new model, according to Austrian security researcher Martin Herfurt, is also vulnerable to a unique exploit that could lead to your car getting hijacked.
As Herfurt says, Tesla's feature does more than simply turn your car on; it also lets you 'whitelist' new keys to unlock the car. In addition to NFC cards, Tesla Model 3s can also be unlocked using the Tesla mobile app or key fob.
Using VCsec, the language Tesla uses to communicate with their vehicles, Herfurt created his mobile application, the TeslaKee. His app, he claims, 'whitelists' itself as a key that opens the car's doors and communicates with the feature.
This new feature can be exploited to add keys remotely, with no authentication requirements, Herfurt claims. He made a YouTube video showing how the exploit can be used. It's very simple.
For this to happen, you would have to be in such a ridiculous position. A hacker would have to engineer their app, as Herfurt has done.
Then, they’d have to wait until you park your car, then execute the exploit, and trail you until you get out of the car. Then, yes, they could hijack your vehicle. It seems a little farfetched, but in cybercrime, weirder things have happened!
We couldn't reach out to Tesla for comment after its PR department was shut down in 2020, so we tagged Elon on Twitter and asked about it.
For more stories like this
Explore our website