Two European researchers recently demonstrated how a Tesla can be hacked remotely without any user interaction. They carried out the attack from a drone, showing that other smart cars may be vulnerable too.
They were able to crack open a Tesla’s doors with a remote hack from a drone carrying a Wi-Fi dongle. The bugs were patched in October last year, so the hack shouldn’t be possible today, according to the researchers. But the benevolent hackers – Ralf-Philipp Weinmann, CEO of Kunnamon, and Benedikt Schmotzle of Comsecuris – showed off their exploits today at the CanSecWest conference, noting that they required no interaction from anyone in the car. That would’ve made the hack particularly useful for would-be thieves.
The researchers used a drone connected to Wi-Fi to launch the attack. They successfully hacked a parked car and opened its doors from a distance of up to 100 meters (300 feet). The Tesla models affected by the bugs are Tesla S, 3, X, and Y.
“Adding a privilege escalation exploit such as CVE-2021-3347 to TBONE would allow us to load new Wi-Fi firmware in the Tesla car, turning it into an access point which could be used to exploit other Tesla cars that come into the victim car’s proximity. We did not want to weaponize this exploit into a worm, however,” Weinmann said.
It’s not the first time Tesla has been the target of cybersecurity researchers’ hacks. In 2020 security experts at McAfee showed off exploits that managed to make Tesla’s autonomous driving feature take the car up to 85MPH in a 35MPH zone. The same year, academics at KU Leuven University’s Computer Security and Industrial Cryptography (COSIC) hacked and stole a Tesla in two minutes by targeting issues in Bluetooth, using $200 worth of equipment.
Tesla patched the vulnerabilities in October 2020. The automaker has reportedly stopped using the ConnMan internet connection manager. They also notified Intel, the original maker of ConnMan. And since the ConnMan component is widely used in the automotive industry, Weinmann and Schmotzle reported the bugs to Germany’s national CERT so that it could inform potentially impacted vendors.
Over the past years, cybersecurity researchers from several companies have demonstrated that a Tesla car can be hacked, in many cases remotely.