The Tesla Model X is probably the least popular model in Spain of the electric car manufacturer; It is understandable since it is a luxury SUV aimed at a different audience to that of the recent Tesla Model Y.
Still, the latest study by Belgian researcher Lennert Wouters is worrying, showing how easy it is to access one of these cars without even having to obtain the key or know anything about the victim.
The Teslas stand out for being more 'intelligent' than is usual in the sector; It is thanks to this that they have been allowing control from the mobile phone for years or the use of digital keys that replace the physical ones.
Tesla Model X Hacked
However, that reliance on smart car systems means that errors have the potential to be much more serious; for example, a stranger can use the Bluetooth connection to unlock the car.
The process to open the doors takes only 90 seconds, and from there it is easy to take control, start and steal the vehicle; It seems surprising, but that is because although the execution of the attack is very simple, the attack itself is not and requires a lot of preparation and a significant monetary investment.
The attack depends on a series of vulnerabilities discovered by Wouters in the Tesla Model X and its keyless opening system; Each vulnerability is not important separately, but Wouters realized that exploiting all of them could bypass car security.
The attack begins by obtaining the identification number of the car, which can be seen through the windshield without having to open it; In addition, the attacker must know who owns the car and keep about four and a half meters from the victim, with the aim of capturing the radio signals unique to his car.
The hardware necessary to perform this attack is publicly available, but it is neither cheap nor small. The device is based on a Raspberry Pi computer, with modules connected to capture and decrypt the signal; In total, it represents an investment of about 250 euros, in addition to using a smartphone. Although it is very large, it fits in the backpack and does not need to be removed for a long time.
How Do you Get It To Work?
The attack consists of two steps. First, it is necessary to intercept the key signal using Bluetooth, since Tesla can also be unlocked with the official app. But opening the doors is only the beginning; Tesla's won't start if they don't detect the key inside. To cheat the system, it is necessary to connect the computer directly to a hidden port on the dashboard, to indicate to the car that everything is correct and that it can be started.
It is surprising that these attacks work because they are the most obvious; And in fact, Tesla and other manufacturers already have many measures to avoid them; they are possible only thanks to small flaws that can be exploited if you know what you are doing.
Wouters alerted Tesla last August of the consequences of these vulnerabilities; although the company has not made any public statement in this regard, as is customary on the other hand. Tesla is notorious for not investing in advertising, and its public relations department closed last October; Elon Musk prefers to use his Twitter account to report the news. It is also on Twitter that at the beginning of the year he offered a million dollars to anyone who could hack a Tesla, as part of a special event.
The researcher has made the results of his study public because he has received confirmation that an update will be released this week that will solve these problems, which will take approximately one month to reach all the vehicles sold. Furthermore, Wouters has not released the source code or technical details of the attack to prevent it from being copied before most cars can be updated.