Belgian security researcher hacked Tesla with Raspberry Pi

Belgian security researcher hacked Tesla with Raspberry Pi

Belgian computer security researcher Lennert Wouters has once again succeeded in hacking a Tesla car, this time using Bluetooth Low Energy (BLE) capabilities.

He identified a serious vulnerability in the keyless entry system that allowed criminals to bypass the onboard security system of an approximately $ 100,000 vehicle.

The Tesla Model X key fob allows owners to automatically unlock the vehicle when they approach it or press a button, using BLE to communicate between the car and a smartphone app. Wouters, a PhD student at the Computer Security and Industrial Cryptography (Cosic) Research Group at the University of Leuven, developed a way to hack this circuit, and for a practical proof-of-concept he used a single-board Raspberry Pi microcomputer, a modified key fob and an engine control unit (ECU) from a decommissioned Model X. and other components totaling $ 195.

“Through reverse engineering of the Tesla Model X key fob, we found that the BLE interface allows remote software updates running on the BLE chip. Since this update mechanism was not properly secured, we were able to hack the key fob wirelessly and take full control of it. Subsequently, we could receive genuine unlock messages in order to unlock the car later, ”- this is how Wouters describes the essence of the project.

To exploit this vulnerability, the hijacker only needs to approach the victim about 5 meters in order to activate the key fob, send his software into it, and gain complete control. This process is said to take one and a half minutes. The thief can then receive genuine commands to unlock the vehicle, and after gaining access to the on-board diagnostic connector, he can associate the modified key fob with the electric vehicle, start the car, and drive away.

This is the third time that Wouters has successfully hacked a Tesla vehicle using a keyless key fob. In previous cases, he was able to “clone” the device.

Belgian security researcher hacked Tesla with Raspberry Pi

Leave a Comment