Tesla's Model X is vulnerable to hackers and thieves, Belgian researchers claim

Marco Green
November 25, 2020

The researchers said they were able to break into the SUV, which starts at $80,000, using a few hundred dollars' worth of equipment.

Tesla built a network of connected cars.

Researchers noted that the process took about 90 seconds.

Like many tech companies, Tesla sometimes offers bounties to "white hat" hackers who discover issues with their security. An over-the-air software update is being pushed to the key fobs, they said, which will better lock them down.

Wired was first to report on the vulnerability.

Tesla apparently no longer has a functioning press office to respond to requests for comment or confirmation, and CEO Elon Musk has not said anything about the discovery on social media. "However, other keyfobs which have an insecure firmware update mechanism could also be vulnerable to a similar attack." Wouters was able to use a separate Model X body control module from eBay, plugged into an easily accessible computer port in the car, and pair the vehicle with his own "key" - something the Tesla computer system didn't verify.

"Basically a combination of two vulnerabilities allows a hacker to steal a Model X in a few minutes' time." Researchers used the spare control unit to get key fobs within several meters to advertise themselves as "connectable".

The security bugs made it possible to take full control of the key fob and of the car by remotely updating the Tesla Model X's BLE chip with specially crafted firmware.

Once the key fob was compromised, the researchers were able to capture valid unlock messages, which allowed them to unlock the car at any time. "By connecting to the diagnostic connector, we can pair a modified key fob to the vehicle," Wouters added.

Wouters said that with a smartphone-controlled $300 hardware kit that included a Raspberry Pi and a Tesla body control module purchased on eBay, he could unlock the vehicle remotely via Bluetooth, as long as he was within about 50 feet of the owner's key fob.
