Tesla key system facilitates failed car theft in just 2 minutes

Tesla key system facilitates failed car theft in just 2 minutes

One was identified Serious error in Tesla’s electric car authentication system. It is possible Theft In approx Two minutes car by a Violation Found in The way vehicles go Behavior Keys Based on NFC technology (Near Field Communication). Using a specific approach, a person can Open the door Of automobiles, Start the engine And Register a new key without the official app – or the authority required in general.

Watch the video hosted above YouTubeExplained by describing the situation:

The Concept proof Was presented by Martin Herfert. Insecurity was discovered after an official software change was implemented in August Tesla Released an update that improves the system for handling keys NFC. Previously, they had to be on the dashboard of a full-time vehicle; However, with the improvement, the doors were allowed to open and go With only approach Of authentication cards.

The fault has been found In the first 130 seconds Of the process. According to the explanation Herfert, As published In this website:

“Not only is general permission granted to work during this period, but completed tasks are not canceled after this period; If the key is not found, the car does not stop, for example. In addition, during this period, the system exchanges information with low-energy Bluetooth devices, allowing experts to create an application that makes it possible to register a new NFC key as if it belonged to the car owner.

The expert also showed how other methods of entering the car, such as mobile apps and physical keys, can be blocked by forcing the use of NFC, allowing the attacker to record the key within two minutes of stealing the vehicle.

The procedure is applied without any warning From the official app – or even from the vehicle. The step of registering a key that the owner does not recognize is performed anonymously. The violation was taken advantage of Tesla model y And Model 3. However, Herfert Says All trains With system Drive In NFC Are insecure Invasion

Continue after ads

For security reasons, The details required to make a full replica of the attack will not be disclosed, but the official confirmed that he will issue a limited version of the attack. Teslaki, Exploration App – That will not be possible Criminals take advantage of software to steal cars with the features mentioned.

On social media, some users claim that they have already informed the automaker about other similar issues. For a momentA Tesla has not officially commented.


Thinking of buying a product online? Find the Save the Connected World extension for Google Chrome. It’s free and offers you price comparison between major stores and coupons so you can always shop at the best price. Download now.

Via: canaltech.com.br


Leave a Comment

Your email address will not be published.