Everyone knows that Tesla is one of the most high-tech car brands out there, but this could be causing issues for owners. Recently, a group of security researchers found that they could hack a Tesla Model S in just a matter of seconds.
How? Simple: they cloned the key fob, opened the door, and drove the car away.
The Belgian team who hacked Tesla’s encryption claim that anyone with basic hacking knowledge can do this. All it takes is $600 in equipment. Not bad for a roughly $100,000 car.
The radio and computing tech will allow a hacker to read the key fob’s signals. Only two seconds later, they have all of the information they need to clone the fob and steal the car. You can watch how they did it below.
“Today, it’s very easy for us to clone these key fobs in a matter of seconds,” Lennert Wouters, one of the KU Leuven researchers, told Wired. “We can completely impersonate the key fob and open and drive the vehicle.”
Telsa recently released a new feature for the Model S which allows owners to add a PIN to their car before it can be driven. In this instance, even with the official key fob, you cannot move the car without the PIN. Owners with this feature enabled are much less vulnerable to the hack.
Tesla also said it upgraded its key fob after the hack was found, and that any Model S sold after June is not at risk. If a person bought their Model S before June, however, and hasn’t ponied up for an upgraded key fob, their luxury electric sedan is still exposed.
As with most other keyless entry systems, Tesla’s version sends a code to the radio in the car, which then triggers the locking mechanism. It also sends a signal that allows the car to be started. In the case of the Tesla Model S system, however, the encryption is especially weak—only 40-bit cipher. On top of this, the researchers found that when they got the codes from a fob, they could try different combinations of code to find the right one.
Their $600 equipment did this for them in just 1.6 seconds.
When the researchers informed Tesla that they had found this vulnerability, it gave them $10,000. Tesla first learned of the issue in August 2017 and yet it wasn’t fixed until June of 2018. The electric carmaker claims that the fixes were released as “quickly as possible.”
Tesla also claims that owners can track their cars via the Tesla app, so even if the car is stolen, it should be easy to find. That’s probably not much comfort to Tesla owners who must now fork out more money for new key fobs.
While we can’t protect your Tesla from hackers, we can protect your mobile and desktop devices. So download Hotspot Shield for free today and keep the hackers at bay.