What Happened
Hackers can exploit a feature that lets Tesla owners create their own key to open their cars, Martin Herfurt, an Austrian security researcher found, as per an Ars Technica report.How It Works
The update makes it easier to start a Tesla vehicle via near-field communication (NFC) key card. It triggers the EV to automatically start within 130 seconds of unlocking with the NFC card.While allowing this, the feature also puts the car in a state of accepting entirely new keys without requiring authentication, the researcher said. Indication about this is not given by the in-car display either, he said.
A hacker only needs to be next to the Tesla vehicle during the 130-second window. If a car owner uses the phone app to unlock the car, the hacker can use a signal jammer to block the Bluetooth Low Frequency (BLE) used by Tesla’s phone-as-a-key app.
Tesla’s logic in allowing this, according to the researcher, may have to do with allowing the car owner to start the car and drive it without having to use the key card a second time.
Although one can argue that the official Tesla app doesn’t permit keys to be enrolled unless it is connected to the owner’s account, Herfurt said the vehicle can communicate with any nearby BLE device.
The researcher has reportedly developed an app named Teslakee that speaks VCSec, the language the official Tesla app uses to communicate with Tesla cars.