For the third time, experts from a Belgian research team have hacked a Tesla key fob, demonstrating how anyone could easily access the car and steal it in no time. The new demonstration attack reveals vulnerabilities that Tesla still faces. It also shows security weaknesses in the "Keyless Entry System" of one of the industry's most expensive electric vehicles. Experts at COSIC (Computer Security and Industrial Cryptography) found significant security vulnerabilities in the Tesla Model X's key fob technology. A key fob is a small device that allows a person to unlock a car automatically by pressing a button or just passing by.
Ph.D. student Lennert Wouters, a member of the research team, previously demonstrated two hacks on the Tesla Model S, which also had keyless technology. The attack allowed Lennert to unlock the car and start it. Tesla is famous for selling the best 'state-of-the-art' electric vehicles available in the market. The price range for its EVs (electric vehicles) starts from $40,000 (for basic models) and goes above the $100,000 line for the top model, the Tesla Model X.
Tesla's Model X uses key fob technology with BLE (Bluetooth Low Energy) that interfaces with a smartphone application to gain keyless access to the car. That is where the flaws exist, the researchers said in a press release posted online about the attack. BLE is also becoming mainstream in key fobs, as it lets people interact with their cars through a smartphone. This is not the first time a Tesla model has shown security flaws. In 2016, Chinese experts hacked Tesla models, breaking into the cars and controlling them.
According to Lennert Wouters, "using a modified Electronic Control Unit (ECU), obtained from a salvage Tesla Model X, we were able to wirelessly (up to 5m distance) force key fobs to advertise themselves as connectable BLE devices. By reverse-engineering the Tesla Model X key fob, we discovered that the BLE interface allows for remote updates of the BLE chip's software. As this update mechanism was not properly secured, we could wirelessly compromise a key fob and take full control over it. Subsequently, we could obtain valid unlock messages to unlock the car later on".