Security researchers have discovered a flaw in Tesla cars that could allow hackers to take over the car by hijacking the WiFi network of Tesla charging stations. Tommy Mysk and Talal Haj Bakry of Mysk Inc. Flipper Zero demonstrated how to exploit this vulnerability using a simple $169 hacking tool called a Raspberry Pi or laptop.
The process involves creating a wireless WiFi network like “Tesla Guest” that acts as a social network that Tesla provides at its charging stations. It’s no wonder Tesla owners are tricked into connecting to a fake network and entering their credentials into a fake login page. Once hackers have these credentials, they can bypass Tesla’s two-factor authentication and gain access to the victim’s Tesla smartphone app.
From here, a thief can unlock the car, create a “phone key” and drive the car without needing a key card. Surprisingly, Tesla does not notify users when a new key is generated, leaving users unaware of a security breach.
Security researchers have discovered a flaw in Tesla cars that could allow hackers to take over the car by hijacking the WiFi network of Tesla charging stations. Tommy Mysk and Talal Haj Bakry of Mysk Inc. Flipper Zero demonstrated how to exploit this vulnerability using a simple $169 hacking tool called a Raspberry Pi or laptop.
The process involves creating a wireless WiFi network like “Tesla Guest” that acts as a social network that Tesla provides at its charging stations. It’s no wonder Tesla owners are tricked into connecting to a fake network and entering their credentials into a fake login page. Once hackers have these credentials, they can bypass Tesla’s two-factor authentication and gain access to the victim’s Tesla smartphone app.
From here, a thief can unlock the car, create a “phone key” and drive the car without needing a key card. Surprisingly, Tesla does not notify users when a new key is generated, leaving users unaware of a security breach.