Tesla Model X is currently boasting its advanced updates. Elon Musk’s company is automatically launching new codes to add features and fix bugs.
However, a security researcher revealed Tesla Model X’s vulnerability. The issue can be found in the vehicle’s keyless entry system.
The security expert claimed that a hacker can rewrite the firmware using a Bluetooth connection. Attackers can rewrite the code from the fob.
Once the Bluetooth attack is successful, they can now steal a Tesla Model X within a few minutes. Lennert Wouters said that they found a collection of security issues.
The Belgian university KU Leuven’s security researcher said that the vulnerabilities are in both Tesla Model X cars and their keyless entry fobs.
He added that if any car thief can exploit the combined issues to read a Tesla Model X’s identification number. They can do these within roughly 15 feet of the victim’s key fob.
The attackers can also get the identification number if it is visible on the car’s dashboard through the windshield.
Wouters said that a hacker needs to spend around $300 to buy a hardware kit needed for the attack. They must fit it inside a backpack, and use their phone to control the kit.
Bluetooth attack can be done in 90 seconds
A hacker can exploit the attack in just 90 seconds. In less than two minutes, a cybercriminal can easily extract a radio code that unlocks the Model X.
The security expert explained that once the hacker is inside the system, he can use the second, distinct vulnerability to pair their own key fob with the victim’s Tesla Model X.
This can happen in just a matter of minutes, allowing the attacker to drive off easily.
Wouters said “basically a combination of two vulnerabilities allows a hacker to steal a Model X in a few minutes time.”
He added “when you combine them, you get a much more powerful attack.”
The security expert warned Tesla about his Model X keyless entry hacking technique. He revealed the new hack last August.
Because of this, Tesla confirmed that it is rolling out a software update to solve the issue. There could also be new components for the Tesla Model X.
However, these solutions are expected to solve only one part of Wouters’ Bluetooth attack. Tesla coordinated with Wouters and said that it’ll take a few months before they launch the new updates.
Tesla Model X owners are highly advised to install the updates once they are released. The researcher said that he won’t publish any technical details.
He said that his decision not to release the attack’s codes will prevent any car thief from pulling off the hack.
As of the moment, Tesla is making ways on how to prevent the hack. There’s no confirmed report that the hack was actually used in stealing a Tesla vehicle. However, it is still important to take extra safety measures.
Why? Because cyber attackers are coming up with new ways on how to hack any system. The online attacks this year increased since the global pandemic began.