Tesla’s cars are notoriously hackable, and a new video demonstrates a way an adept cybercriminal could hope inside your car’s system and take it for a ride if they’re nearby.
First reported by Ars Technica, the exploit involves manipulation of a relatively new feature that Tesla added last August. The feature allows drivers to turn on their vehicles merely by opening the car’s door with a near-field communication (NFC) key card. Those cards come with all Tesla Model 3 vehicles and use short range radio-frequency identification (RFID) signals to interact with the car’s computer system. Unlocking the door launches a 130 second period where the car starts up all on its own. It allows the driver to have the car running as soon as their butt is in the seat.
But that new mode is also vulnerable to a unique exploit that could get your sweet ride jacked, according to Martin Herfurt, an Austrian security researcher. Herfurt says that Tesla’s feature doesn’t just turn your car on automatically; it also puts it in a state where the vehicle is open to “whitelisting” new keys to unlock the car door. Aside from NFC cards, Tesla Model 3s can also be unlocked with either a key fob or a Tesla mobile app registered to the owner’s account.
Herfurt created his own mobile app, which he dubbed the “TeslaKee,” that communicates with the feature in VCsec—the language that the Tesla app uses to chat with Tesla vehicles—and which he says is able to “whitelist” itself as a key that can open the car’s doors. Keys can be remotely added in this way by abusing the new feature, with no authentication requirements necessary to add them, Herfurt claims. He made a YouTube video showing how the exploit could work. It’s pretty damn simple. You can check it out down below:
Granted, the situation you would have to be in for this to happen is ridiculous. First, the hacker would have to do what Herfurt has done, and engineer their own app. Then, they’d have to sit around and wait for you to park your car. Then, presumably, they’d execute the exploit, and trail you until you reached a destination and got out. Then, yes, they could hijack your ride. A little bit far fetched but in the world of cybercrime, weirder things have happened!
Tesla shut down its PR department in 2020, so we couldn’t reach out to the company for comment. Maybe we’ll tag Elon on Twitter and ask him about it.