Tesla Model X’s keyless system can be hacked, and car stolen in minutes

The researchers said Tesla released an over-the-air software update to mitigate these issues.

Published - November 24, 2020 03:48 pm IST

A Tesla Model X electric car at Brussels Motor Show, Belgium, January 9, 2020

A Tesla Model X electric car at Brussels Motor Show, Belgium, January 9, 2020

(Subscribe to our Today's Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)

A major security flaw has been discovered in the keyless entry system of the Tesla Model X that allow hackers to take control of the system and steal the car in a few minutes using a Bluetooth connected key fob (remote control to lock and unlock cars).

The latest security experiment conducted by researchers at COSIC, a group at the University of Leuven, Belgium, revealed how security measures in the recent Tesla Model X can be bypassed.

The researchers said Tesla released an over-the-air software update to mitigate these issues. The same group had previously unveiled vulnerability in the Tesla Model S keyless entry system as well.

The Tesla Model X key fob allows the owner to automatically unlock their car by approaching the vehicle, or by pressing a button. The model uses Bluetooth Low Energy (BLE) to facilitate the integration with phone-as-key solutions. The flaw in the firmware update process of key fob allows a hacker to take control of the car.

 

The group detailed steps on how they used an Electronic Control Unit (ECU) from an older Model X vehicle and were able to wirelessly (up to 5m distance) force key fobs to advertise themselves as connectable BLE devices.

They sent their own software to the key fob to gain full control over it. Researchers said it takes about 90 seconds, and can be performed over a range of more than 30 metres.

They found that BLE interface in the Tesla Model X allowed for remote updates of the software running on the BLE chip.

“As this update mechanism was not properly secured, we were able to wirelessly compromise a key fob and take full control over it,” Lennert Wouters, researcher at COSIC said. “Subsequently, we could obtain valid unlock messages to unlock the car later on.”

 

After approaching the vehicle and unlocking it, hackers accessed the diagnostic connector inside the vehicle. By connecting to the diagnostic connector, they paired a modified key fob that provided permanent access to the car and it can be driven away.

The Belgian researchers first informed Tesla of the identified issues on August 17, 2020. Tesla confirmed the vulnerabilities, awarded a bug bounty and an over-the-air software update, that is now being rolled out, will be pushed to the key fob.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.