Articles New Bluetooth attack can hijack Tesla Model X in...

New Bluetooth attack can hijack Tesla Model X in minutes

-

Tesla is using over the air updates to patch vulnerabilities and add new features to its keyless entry system in Tesla Model X vehicles. However, according to a specialist at Leuven Catholic University (Belgium) Lennert Wouters (Lennert Wouters), using this update delivery mechanism can be stolen in a matter of minutes.

Wouters discovered vulnerabilities both in the Tesla Model X keyless entry system and in the car itself, which allowed him to rewrite the firmware of the key fob via a Bluetooth connection, remove the unlock code and steal the car. According to the researcher, a hijacker who manages to read the identification number (usually visible on the dashboard of the car through the windshield) and approach the victim’s key fob at a distance of 4.6 m will be able to exploit these vulnerabilities. The equipment required for this will cost $ 300, it can easily fit into a backpack, and is controlled using a smartphone.

In just 90 seconds, the device presented by Wouters can extract the radio code to unlock the Tesla Model X. Once inside the car, the hijacker can exploit the second vulnerability and start the car in just a minute using his own key fob.

“Basically, a combination of the two vulnerabilities allows a hacker to hijack a Model X in minutes. If you combine them, the attack will be much more powerful, ”the researcher said.

Wouters notified Tesla of the issue in August of this year, and the company has promised to release fixes for key fobs (and possibly car components) this week. According to the manufacturer, it can take up to one month to send updates to all vulnerable Tesla Model Xs, so owners must install all available updates to protect themselves from the above attack. For his part, the researcher promised not to publish any codes and details about vulnerabilities ahead of time in order to avoid their possible exploitation by hackers.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you