tesla vehicles can be stolen with new relay attack, but there’s a two-inch caveat

A new relay attack has demonstrated that Tesla vehicles can be stolen with a quick hack, but thieves need to work in pairs and get as close as two inches from your phone or key card.

Security researchers at IOActive reverse-engineered Tesla’s NFC protocol and have demonstrated a new relay attack:

To successfully carry out the attack, IOActive reverse-engineered the NFC protocol Tesla uses between the NFC card and the vehicle, and we then created custom firmware modifications that allowed a Proxmark RDV4.0 device to relay NFC communications over Bluetooth/Wi-Fi using the Proxmark’s BlueShark module.

After having the protocol, the security researchers can build a device to quickly replicate the signal and send it to another NFC-enabled device.

IOActive describes the attack in a white paper:

This relay attack requires two attackers; in this case, one of the attackers will be using the Proxmark device at the vehicle’s NFC reader, and the other can use any NFC-capable device (such as a tablet, computer, or for the purposes of this example, a smartphone) close to either the victim’s Tesla NFC card or smartphone with the Tesla virtual key. The Proxmark and the second attacker’s smartphone can communicate via Bluetooth using the BlueShark module for the Proxmark RDV4.0, or even via Wi-Fi, connecting the Proxmark to a tiny computer like a Raspberry Pi or similar with Bluetooth while the Raspberry Pi connects to the second attacker’s smartphone via Wi-Fi.

They released a video demonstration of the hack on a Tesla Model Y:

While the attack does show a vulnerability, the thieves need to get the device within two inches of the owner’s key card or phone.

The security researchers noted that they believe that the hack can be achieved with longer distances between the device and the key using Bluetooth, but they haven’t demonstrated that.

A Tesla vehicle was recently used to demonstrate a Bluetooth hack that can unlock cars.

Thefts of Tesla vehicles are quite rare in North America, but in Europe, they have some more sophisticated thieves that managed a string of Tesla vehicle thefts through relay attacks, like this new one.

In response to those attacks, Tesla started rolling out extra layers of security with an “improved cryptography” key fob and optional “PIN to Drive” feature. Once applied, these measures can greatly decrease the chances of your Tesla vehicle being stolen.

In this case, on top of the PIN to Drive feature, drivers can carry their Tesla key card in an RFID card holder to protect against the attack, but it wouldn’t apply if you use your phone as a key, which is what most Tesla owners do.

Add Electrek to your Google News feed.  Google News google-news


Keyword: Tesla vehicles can be stolen with new relay attack, but there’s a two-inch caveat

CAR'S NEWS RELATED

Elon Musk vs Twitter trial still scheduled to start October 17

A legal filing made public on Wednesday revealed that Elon Musk and Twitter’s trial would proceed on Monday, October 17, 2022. Earlier this week, Elon Musk decided to move forward with his $44 billion Twitter acquisition. Despite his decision, Chancellor Kathaleen McCormick of the Delaware Chancery Court wrote in ...

View more: Elon Musk vs Twitter trial still scheduled to start October 17

GO Rentals, first Rental Car company in NZ to offer fleet of the new Tesla Model Y

Photo / Supplied Electric Vehicles are proving popular for people steering clear of a gas-guzzling, but local companies have had to contend with supply chain delays in getting these new cars onto the road. James Dalglish, GO Rentals Chief Operating Officer, says the company is thrilled to be adding ...

View more: GO Rentals, first Rental Car company in NZ to offer fleet of the new Tesla Model Y

On the ground in Ukraine using Starlink to stay connected

Starlink is helping many people in Ukraine, including a friend of mine who is on the ground helping to train the military. Gia Santos shared her story of how Starlink has helped her to stay connected. She recently wrote an article in Vocal titled, Don’t forget how Starlink helped Ukraine ...

View more: On the ground in Ukraine using Starlink to stay connected

2023 Ford F-150 Lightning Pro MSRP set to increase as supply chain woes continue

Ford is increasing the MSRP of the 2023 Pro trim level of the F-150 Lightning, its all-electric pickup truck, as supply chain challenges have forced the automaker to adjust prices. A Ford spokesperson told Teslarati in an emailed statement today that the company would adjust the MSRP of the ...

View more: 2023 Ford F-150 Lightning Pro MSRP set to increase as supply chain woes continue

Tesla’s Giga Berlin is the largest private employer in Brandenburg

Tesla’s Gigafactory in Grünheide is now the state of Brandenburg’s largest private employer, RBB reported citing its own research. Currently, around 7,000 from over 50 countries work at Giga Berlin which reflects a growth of 3,000 employees since May. Following Tesla, the mining group, LEAG, has the second highest ...

View more: Tesla’s Giga Berlin is the largest private employer in Brandenburg

TeslaCam Catches Truck Driver Shooting At Model S In Road Rage Incident

He was arrested for aggravated assault with a deadly weapon; the Tesla owner was filmed brake checking the truck beforehand.

View more: TeslaCam Catches Truck Driver Shooting At Model S In Road Rage Incident

EPA could make EVs eligible for Renewable Fuel Standard credit, boosting incentives

Electric Vehicles could be eligible for the Renewable Fuel Standard Credit, which would add yet another incentive to an EV purchase. The EPA is reportedly considering adding EVs to the list of eligible vehicles, and the idea could be confirmed in an upcoming proposal dealing with biofuel blending mandates. ...

View more: EPA could make EVs eligible for Renewable Fuel Standard credit, boosting incentives

Tesla Showed “Cybertruck On Mars” AI-Generated Images During AI Day

Tesla used artificial intelligence on its supercomputer to create images of made-up Cybertrucks.

View more: Tesla Showed “Cybertruck On Mars” AI-Generated Images During AI Day

Tesla's Expansion For Ecological Paradise Approved For Giga Texas

How EV adoption is soaring in unlikely circumstances, and what could make it better

Tesla Model 3 Tuned By Manhart Gets Lowered Suspension, New Splitter

After cutting radar, Tesla now dropping ultrasonic sensors from its EVs

Tesla Solar Roof comes to North and South Carolina

Tesla retail investors load up on $500M worth of TSLA in last 5 trading days

CAM study finds Tesla still as most innovative manufacturer

Tesla’s removal of ultrasonic sensors has been teased since Cybertruck unveiling

Tesla Giga Texas expansion project for ‘ecological paradise’ gains approval

Tesla to stop using ultrasonic sensors later this year

Elon Musk’s X platform the only way forward after Twitter purchase: analyst

Tesla ditches ultrasonic sensors, moves completely to Tesla Vision

OTHER CAR NEWS

;
Breaking thailand news, thai news, thailand news Verified News Story Network TopCarNews France | Actualités et Salons Automobiles, Fiches Techniques, Photos et Magazine Auto