Security News > 2020 > November > Tesla Hacked and Stolen Again Using Key Fob
Researchers have demonstrated for the third time how hacking into the key fob of a Tesla can allow someone to access and steal the car in minutes.
Researchers from the Computer Security and Industrial Cryptography, an Imec research group at the University of Leuven in Belgium, have "Discovered major security flaws" in the key fob of the Tesla Model X, the small device that allows someone to automatically unlock the car by approaching the vehicle or pressing a button.
Tesla sells some of the most state-of-the-art EVs available, ranging in cost from about $40,000 for the most basic models to more than $100,000 for a top-of-the-line Tesla Model X.The key fob for the Model X key uses Bluetooth Low Energy to interface with a smartphone app to allow for keyless entry, which is where the vulnerabilities lie, researchers said in a press release published online about the hack.
The team detailed the two-stage proof-of-concept attack they staged using a self-made device built from widely available and fairly inexpensive equipment: a Raspberry Pi computer that they purchased for $35 accompanied by a $30 CAN shield; a modified key fob and Electronic Control Unit from a salvage vehicle that they bought for $100 on eBay; and a LiPo battery that cost $30. Tesla has already released an over-the-air software update to mitigate the flaws, researchers said.
They previously hacked into the key fob of a Passive Keyless Entry and Start system of a Tesla Model S, and then devised another attack that was successful on the same model after Tesla updated the key fob to fix the flaw that allowed earlier access.