Hack makes it possible to unlock and steal a Tesla
A security researcher exploited a flaw that allowed him not only to unlock a Tesla vehicle but also to drive away without touching the car keys. Sultan Qasim Khan, a researcher at the cybersecurity firm NCC Group, demonstrates the attack on a 2021 Tesla Model Y in a video.
He also claims that the issue was successfully exploited on a Tesla Model 3 in 2020. Using a relay device connected to a laptop, the attacker can wirelessly bridge the gap between the vehicle and the victim's phone, fooling the vehicle into believing the phone is within range, even if it is hundreds of meters (or even miles) away.
This form of attack may be familiar to you. Automotive key fobs that use rolling-code authentication are vulnerable to attacks similar to the one Khan used on the Tesla.
However, this Bluetooth Low Energy (BLE)-based attack needs two thieves to carry out. Alternatively, a tiny relay with an internet connection can be planted somewhere the owner is certain to visit, such as a cafe.
Once the unwary owner is within range of the relay, the attacker can drive away with the car in a matter of seconds (ten, according to Khan).
This specific attack is the result of a flaw in the BLE protocol, which Tesla uses for its phone-as-a-key feature and for the Model 3 and Model Y key fobs. While Tesla vehicles are vulnerable to this attack vector, they are not the only ones.
The same applies to smart home locks and almost any connected device that uses BLE to sense another device's proximity. According to NCC Group, the protocol was never intended for such use.
"The systems that consumers rely on to protect their automobiles, houses, and personal data actually use Bluetooth proximity authentication processes that can be readily bypassed by routinely accessible low-cost technology," according to NCC Group. "This study highlights the risks of using technology for purposes other than its original purpose, particularly when it comes to security."