Security News > 2022 > May > Hackers can steal your Tesla Model 3, Y using new Bluetooth attack

Security researchers at the NCC Group have developed a tool to carry out a Bluetooth Low Energy relay attack that bypasses all existing protections to authenticate on target devices.

BLE technology is used in a wide spectrum of products, from electronics like laptops, mobile phones, smart locks, and building access control systems to cars like Tesla Model 3 and Model Y. Pushing out fixes for this security problem is complicated, and even if the response is immediate and coordinated, it would still take a long time for the updates to trickle to impacted products.

Both the Tesla Model 3 and Model Y use a BLE-based entry system, so NCC's attack could be used to unlock and start the cars.

While technical details behind this new BLE relay attack have not been published, the researchers say that they tested the method on a Tesla Model 3 from 2020 using an iPhone 13 mini running version 4.6.1-891 of the Tesla app.

These findings were reported to Tesla on April 21st. A week later, the company responded by saying "That relay attacks are a known limitation of the passive entry system."

NCC Group's research on this new proximity attack is available in three separate advisories, for BLE in general, one for Tesla cars, and another for Kwikset/Weiser smart locks, each illustrating the issue on the tested devices and how it affects a larger set of products from other vendors.

News URL

https://www.bleepingcomputer.com/news/security/hackers-can-steal-your-tesla-model-3-y-using-new-bluetooth-attack/