Relay Attack against Teslas

2022-09-15 15:28

Radio relay attacks are technically complicated to execute, but conceptually easy to understand: attackers simply extend the range of your existing key using what is essentially a high-tech walkie-talkie.

One thief stands near you while you're in the grocery store, intercepting your key's transmitted signal with a radio transceiver.

Another stands near your car, with another transceiver, taking the signal from their friend and passing it on to the car.

Since the car and the key can now talk, through the thieves' range extenders, the car has no reason to suspect the key isn't inside-and fires right up.

Tesla's credit card keys, like many digital keys stored in cell phones, don't work via radio.

By reverse-engineering the communications between a Tesla Model Y and its credit card key, they were able to properly execute a range-extending relay attack against the crossover.

News URL

https://www.schneier.com/blog/archives/2022/09/relay-attack-against-teslas.html

#attack #tesla