Thursday, May 9, 2024
Latest:

EV Central

News, reviews and comparisons of electric cars and SUVs from Australia's most trusted experts

Tesla Model X
EV EV brands News 

How to steal a Tesla using Bluetooth

Stephen Corby 2247 Views

Sure, Bluetooth is very clever – connecting your phone to your ears wirelessly in your car, or via your surprisingly expensive headphones – but did you know it could be used to steal a Tesla?

That’s what a particularly clever hacking “researcher” has revealed this week, after he discovered how easy it was to steal a Tesla Model X by using something as free and easy to use as a Bluetooth connection.

According to a report in Wired, Lennert Wouters, a security researcher at KU Leuven university in Belgium, has revealed security failings he found in Model X cars and their electric key fobs. 

Those security vulnerabilities could be used by a car thief to read a car’s VIN (Vehicle Identification Number, which is usually visible on a car’s dashboard.

Victoria Police's 2019 Tesla Model X
Victoria Police’s 2019 Tesla Model X

The hacker would then only need to be standing somewhere near the victim’s key fob, as far as four metres away in fact, to rewrite the firmware on the key via a Bluetooth connection, steal the unlock code for the Tesla and then drive it away. 

While you might this requires a lot of laptops and a giant brain, Wouters says the hardware necessary cost him just US$300, and fit easily inside a backpack, while the actual hacking could be done using a phone. So easy.

The software locking code steal takes less than two minutes and once inside the car, another software vulnerability would allow the hacker to turn a blank key fob into the new key, recognised by the Model X.

“Basically a combination of two vulnerabilities allows a hacker to steal a Model X in a few minutes time,” said Wouters,. “When you combine them, you get a much more powerful attack.”

Wouters warned Tesla about the hack in August. and he’s been told the company, which refused to comment on the story, plans to start rolling out software updates to its keys soon. Although those updates would only combat half of the hack. 

Tesla also told Wouters the patch may take close to a month to roll out. The researcher, being a nice guy, has not published the specific code  or instructions to allow people to do the hacking themselves, but it’s not hard to imagine that a professional thief would be able to take his hints and run, or drive away, with them.

Stephen Corby

Stephen is a former editor of both Wheels and Top Gear Australia magazines and has been writing about cars since Henry Ford was a boy. Initially an EV sceptic, he has performed a 180-degree handbrake turn and is now a keen advocate for electrification and may even buy a Porsche Taycan one day, if he wins the lottery. Twice.

You May Also Like

2019 Alfa Romeo Tonale concept

Alfa Romeo confirms all-electric plans for 2027

EV Central team Comments Off on Alfa Romeo confirms all-electric plans for 2027
Maserati MC20 is ICE-powered for now, but a triple motor EV version is coming in 2022

Maserati MC20 EV supercar coming- and it’ll be quicker than the ICE

John Carey Comments Off on Maserati MC20 EV supercar coming- and it’ll be quicker than the ICE
Toyota bZ4X

Toyota Australia’s bZ4X price warning: ‘it’s not going to be cheap’

Toby Hagon Comments Off on Toyota Australia’s bZ4X price warning: ‘it’s not going to be cheap’