Hackers Steal Tesla with Bluetooth?

Criminals Steal Tesla in 10 Seconds

Elon Musk has nothing to worry about – Really. The South African billionaire continues to set the Internet on fire, as he blazes his mark on history. However, if you are a fan of the influential billionaire, chances are you own a Tesla. The entire globe is fascinated with Musk’s fascinating story, especially his self driving electric vehicles.

In our everyday life, everything unique is bound to attract the attention of criminals. The NCC Group of security experts has created a tool that could let hackers steal the latest Tesla model. The researchers were able to perform a Bluetooth Low Energy (BLE) relay attack that bypasses the authenticated protection system on the targeted Tesla model.

Criminals can easily hack and used the BLE technology as it is built in a wide variety of technology enhanced products, which range from laptops, smartphones, headphones, and building access control systems. Bluetooth technology is also a key component in many car brands and including the Tesla Model 3 and Model Y.

Now, criminal hackers can drive away with your Tesla since it is inconceivable to quickly push out patches to fix this security issue. Also, even if Elon Musk and his team of top engineers could rapidly get that done, reacting and organizing the rollout could be an extended process, making it quite difficult to administer the upgrades that would fix the affected Tesla models.

Hackers’ Attack Mechanism

With the NCC’s team test; it shows that a hacker can use the Ble device to intercept and manipulate the communication system that controls the key fob that unlocks the vehicle. The criminal can also drive away that Tesla model by carrying out a relay attack.

Now, with the automobile itself responding to the commands of the hacker, it allows the attacker to take over the vehicle’s transmission process, which would then give the criminal the ability to relay the signal to the tested Tesla model as if they were in close proximity to the vehicle.

Products that have BLE capability usually have proximity-based authentication, which includes specific amounts of latency. Bluetooth devices also have built-in link-layer encryption that protects the tech gadget against relay attack methods to prevent hackers from compromising technology products.

10 Seconds Theft Test

The hacker’s campaign to steal a Tesla takes roughly ten seconds, with the bad part being that the hack could be repeated indefinitely, according to Sultan Qasim Khan, a member of the NCC Group.

The Tesla Model 3 and Model Y both use the BLE-based entry mechanism, so the test was carried out by the NCC group to show how a car thief could easily unlock and start these two Tesla vehicles.

However, the technical details of this novel BLE relay attack have not been released, but the test was done on the 2020 Tesla Model 3, which is built with version 4.6.1-891 of the Tesla software.

According to the NCC spokesperson, the team of engineers developed a tool that operates the link layer with a latency of 8ms, which is within the GATT (Generic ATTribute Profile) response’s acceptable 30ms range.

The engineers were able to transfer communication from the iPhone to the car via two relay devices. The phone and the car, which were built with the same Ble technology, were about 25 meters apart. In addition, the identical experiment was also successfully reproduced on a Tesla Model Y built 2021.