Security researchers at IOActive have reverse-engineered the security protocols that allow entry into a Tesla. However, it isn’t a standalone attack: it requires impeccable timing and a partner. News of thieves stealing Teslas across Europe has become more common, and this new hack demonstrated by IOActive shows that it is possible to gain entry into the vehicle using an NFC attack.
Researchers demonstrated the hack in action in a video they shared on IOActive’s YouTube channel. The hack was effortless and required a two-man team to execute it.
How does Tesla theft work?
Security researchers at IOActive studied the NFC protocol Tesla uses to grant entry into the vehicle with the NFC card. They then created custom firmware that allowed a Proxmark RDV4.0 device to relay NFC communications over Bluetooth/Wi-Fi using Proxmark’s BlueShark module.
In layman’s terms, one person uses a smartphone to capture the Tesla NFC card signal and sends it to the other person, who is holding the Proxmark device. The Tesla recognizes the NFC signal and thinks that it is the real owner with their NFC card trying to enter the vehicle.
While this hack targets NFC, it is also possible to execute it with Bluetooth, which will offer a longer range. Currently, one person has to go very close to the Tesla owner’s NFC card to execute the hack (a 2-inch distance from the card).
Tesla realized this a while back and released a firmware upgrade along with the option to turn on the car with a PIN for added security. With a PIN enabled, an attacker can get into the car with the NFC hack but cannot drive unless they enter the correct PIN. Moreover, if you use the NFC card, you must use an RFID signal-blocking wallet, which prevents attackers from scanning the information stored on the card.
But if you use your smartphone to store your Tesla card, it can be scanned with ease. So, to remove any chance of being hacked and losing your expensive EV like this, enable the PIN to Drive feature in your vehicle.