How to steal a Tesla using Bluetooth
Sure, Bluetooth is very clever – connecting your phone to your ears wirelessly in your car, or via your surprisingly expensive headphones – but did you know it could be used to steal a Tesla?
That’s what a particularly clever hacking “researcher” has revealed this week, after he discovered how easy it was to steal a Tesla Model X by using something as free and easy to use as a Bluetooth connection.
According to a report in Wired, Lennert Wouters, a security researcher at KU Leuven university in Belgium, has revealed security failings he found in Model X cars and their electric key fobs.
Those security vulnerabilities could be used by a car thief to read a car’s VIN (Vehicle Identification Number, which is usually visible on a car’s dashboard.
The hacker would then only need to be standing somewhere near the victim’s key fob, as far as four metres away in fact, to rewrite the firmware on the key via a Bluetooth connection, steal the unlock code for the Tesla and then drive it away.
While you might this requires a lot of laptops and a giant brain, Wouters says the hardware necessary cost him just US$300, and fit easily inside a backpack, while the actual hacking could be done using a phone. So easy.
The software locking code steal takes less than two minutes and once inside the car, another software vulnerability would allow the hacker to turn a blank key fob into the new key, recognised by the Model X.
“Basically a combination of two vulnerabilities allows a hacker to steal a Model X in a few minutes time,” said Wouters,. “When you combine them, you get a much more powerful attack.”
Wouters warned Tesla about the hack in August. and he’s been told the company, which refused to comment on the story, plans to start rolling out software updates to its keys soon. Although those updates would only combat half of the hack.
Tesla also told Wouters the patch may take close to a month to roll out. The researcher, being a nice guy, has not published the specific code or instructions to allow people to do the hacking themselves, but it’s not hard to imagine that a professional thief would be able to take his hints and run, or drive away, with them.