Tesla is known for regularly improving its electric cars with over-the-air updates to fix bugs and add new features. The company is now working on a new update that’ll patch a Bluetooth vulnerability that would allow someone to steal a Tesla Model X in just a few minutes.
Lennert Wouters released information about several security vulnerabilities that make it easy for a thief to steal a Tesla with a hardware kit that costs less than $300 and a computer.
According to Wouters, a thief could purchase a hardware kit that fits inside a backpack and is controlled by the thief’s phone. The thief would need to read the car’s vehicle identification number printed on the car’s dashboard and visible through the window. They also would need to be within 15 feet of the keyless entry fob to establish a Bluetooth connection.
In 90 seconds, the hardware can uncover the radio code that can then be used to unlock the car. Once the code is recovered, the rest of the hack can be performed remotely.
“Basically a combination of two vulnerabilities allows a hacker to steal a Model X in a few minutes' time. When you combine them, you get a much more powerful attack.” - Lennert Wouters
Once inside the car, a second vulnerability would let a thief pair his own fob with the vehicle and drive away with it. This second hack would take a minute or two of work and would not require any additional tools.
Wouters shared his information with Tesla earlier this year but has not publicly revealed the hack’s details. The company began working on a software fix and is rolling it out this week to its key fobs. This update will block at least one of the vulnerabilities identified by Wouters.
Tesla told Wouters that the patch could take about a month to roll out to all Tesla Model X owners.
Wouters plans to present these findings at the Real World Crypto conference in January 2021.