News

Tesla Car Stolen Via Android App Exploit

A Norwegian security firm has found a huge security flaw that allows hackers to locate, unlock, and drive Tesla’s Model S or Model X electric car without a key or fob. Promon, based in Olso, released a proof-of-concept video which shows its staff using the Tesla Android app to ‘steal’ a Model S in keyless mode:

In a post on its website, Promon says:

“As illustrated the demonstration video, our experts have been able to take full control of a Tesla vehicle, including locating and tracking the car, opening the doors and enabling its keyless driving functionality. Crucially, this is all done by attacking and taking control over the Tesla app, and underlines the vital importance of watertight app security, and the wider implications this could have for IoT-connected devices in general.

An analysis of the functionality provided by the Tesla app indicated that the following actions are possible (among many others that were not investigated further):

  • Locate and track the car.
  • Open the doors of the car.
  • Enable the keyless driving functionality that makes it possible to drive the car without the key fob present.”

“Our test is the first one to use the Tesla app as an entry point, and goes a step further by showing that a compromised app can lead directly to the theft of a car,” Tom Lysemose Hansen, Founder and CTO of Promon said (via Forbes).

“By moving away from having a physical car key to unlock the door, Tesla is basically taking the same step as banks and the payment industry. Physical tokens are replaced by ‘mobile tokens,’” Hansen added. “We strongly believe that Tesla and the car industry need to provide a comparable level of security, which is certainly not the case today.”

After being warned by Promon, Tesla issued a patch for its Android app that fixed the vulnerability.

Ashley Allen

Disqus Comments Loading...

Recent Posts

Nvidia’s GeForce RTX 5090 Possible Price Revealed

According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…

10 hours ago

AMD Krackan Processor with 6 Zen 5 and Zen 5c Cores for Budget AI Laptops Leaked

A new AMD processor in the form of an engineering model has been leaked in…

10 hours ago

SK Hynix Begins Production of First 321-Layer NAND Chips

SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…

10 hours ago

Trust Gaming GXT 609 Zoxa 2.0 PC Speakers

SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…

14 hours ago

PowerA Wired Controller for Nintendo Switch

Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…

14 hours ago

Logitech G Saitek PRO Flight Rudder Pedals

Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…

14 hours ago