News

Tesla Car Stolen Via Android App Exploit

A Norwegian security firm has found a huge security flaw that allows hackers to locate, unlock, and drive Tesla’s Model S or Model X electric car without a key or fob. Promon, based in Olso, released a proof-of-concept video which shows its staff using the Tesla Android app to ‘steal’ a Model S in keyless mode:

In a post on its website, Promon says:

“As illustrated the demonstration video, our experts have been able to take full control of a Tesla vehicle, including locating and tracking the car, opening the doors and enabling its keyless driving functionality. Crucially, this is all done by attacking and taking control over the Tesla app, and underlines the vital importance of watertight app security, and the wider implications this could have for IoT-connected devices in general.

An analysis of the functionality provided by the Tesla app indicated that the following actions are possible (among many others that were not investigated further):

  • Locate and track the car.
  • Open the doors of the car.
  • Enable the keyless driving functionality that makes it possible to drive the car without the key fob present.”

“Our test is the first one to use the Tesla app as an entry point, and goes a step further by showing that a compromised app can lead directly to the theft of a car,” Tom Lysemose Hansen, Founder and CTO of Promon said (via Forbes).

“By moving away from having a physical car key to unlock the door, Tesla is basically taking the same step as banks and the payment industry. Physical tokens are replaced by ‘mobile tokens,’” Hansen added. “We strongly believe that Tesla and the car industry need to provide a comparable level of security, which is certainly not the case today.”

After being warned by Promon, Tesla issued a patch for its Android app that fixed the vulnerability.

Ashley Allen

Disqus Comments Loading...

Recent Posts

Corsair Launches MP700 ELITE Series PCIe 5.0 M.2 SSDs

Corsair has unveiled the MP700 ELITE series, their latest PCIe 5.0 SSDs, now available for…

1 min ago

US Considers Merger Between Intel and AMD to Counter Intel’s Decline

The bad times that Intel is going through have given rise to news and information…

9 mins ago

AMD Ryzen AI 300 Now Supports LPDDR5X-8000 Memory

The arrival of the AMD Ryzen AI 300 processors, codenamed Strix Point, initially came with…

17 mins ago

In the 90s, Nintendo Was So Popular Every Gaming Product Was Called ‘Nintendo’

In the 90s, "Nintendo" became almost a universal term for any gaming console, much like…

34 mins ago

ASUS ROG Swift OLED XG27AQDMG 2560×1440 240Hz 0.03ms Widescreen Gaming Monitor

ROG Strix OLED XG27AQDMG gaming monitor ― 27-inch (26.5-inch viewable) 1440p glossy WOLED panel, 240…

1 hour ago

Ducky x Varmilo MIYA 69 Pro Moonlight 65% Cherry MX Blue Switch Gaming Keyboard

65% form factor mechanical keyboard Stunning design backlit in white Genuine Cherry MX switches PBT…

1 hour ago