A cybersecurity researcher has shown how Tesla can be unlocked by hackers
Sultan Qasim Khan is the principal security consultant at the Manchester, UK-based security firm NCC Group. By redirecting communications between a car owner’s mobile phone, or key fob, and the car, outsiders can fool the entry system into thinking the owner is physically near the vehicle.
The hack is feasible for any model that has a Bluetooth Low Energy (BLE) protocol.
Khan suggested the company to alter its hardware and change its keyless entry system to fix it. Another security researcher, David Colombo also hacked Tesla’s features by opening and closing doors and controlling music volume.
“The security of Kwikset’s products is of utmost importance and we partner with well-known security companies to evaluate our products and continue to work with them to ensure we are delivering the highest security possible for our consumers,” a spokesperson said.
Khan has identified several vulnerabilities in NCC Group client products and is also the creator of Sniffle which is used to track Bluetooth signals, helping identify devices.
The hardware needed with Khan’s custom software costs around $100 altogether and can be easily bought online. Once the relays are set up, the hack takes just “ten seconds,” Khan said.
“An attacker could walk up to any home at night – if the owner’s phone is at home – with a Bluetooth passive entry car parked outside and use this attack to unlock and start the car,” he said.
“Once the device is in place near the fob or phone, the attacker can send commands from anywhere in the world,” Khan added.