Home World Tesla: this hacker has a new method to create duplicate digital keys

Tesla: this hacker has a new method to create duplicate digital keys

Tesla: this hacker has a new method to create duplicate digital keys

Is your Tesla vehicle vulnerable? Perhaps according to the latest find of researcher Martin Herfurt. As the story goes based on information from Project Tempa, he has indeed discovered a new attack (“Timer Authorization Attack”) which makes it possible to open a car belonging to billionaire Elon Musk without being its owner. According to our colleagues, all the hacker has to do is create a new key for the car he wants to steal. Because the NFC card technology, which remains the third means of access to a Tesla, evolved last summer. Until then, you had to approach the windshield and then place it on the middle console to start the vehicle, recalls .

Now, all you have to do is approach the car with the new key and the engine is ready to start for about 130 seconds. And this, because the driver can access his vehicle thanks to a Bluetooth system. And this is the problem identified by Martin Herfurt, because anyone picking up the Bluetooth signal can duplicate the remote keys. He accompanied his find with a video. For this, he used an application similar to PhoneKey but whose protocol is “malicious”. Even if the process is not given to everyone, it is feasible, which is why Martin Herfurt asks to be careful and above all not to “give everyone their key” so that it is not “hacked “.

Few secure models

Martin Herfurt did not publish the application, but if hackers came across it, the risk, note , is that smart guys will market it afterwards. Already in May, a security researcher had revealed that passive devices based on Bluetooth made it possible to make vulnerable the security of a Tesla by a relay attack. Already the manufacturer’s contactless key was concerned. It is enough for a hacker to position himself near the owner of the vehicle, pick up the signal and transmit it to another hacker who can then open it. In February, the ADAC association had also tested 501 car models, and only 23 could not be stolen thanks to a relay attack. As far as Teslas are concerned, there is a simple way to protect yourself from these attacks: secure the start-up with a secret code.


Please enter your comment!
Please enter your name here