Tesla Model S Stolen, Thieves Hack the Keyless Entry System
A Tesla Model S was stolen recently in Essex, England after a pair of thieves hacked the car’s high-tech keyless entry system. The whole incident, however, got recorded on the owner’s security cameras.
The thieves had used a method called “relay attack”, exploiting a vulnerability in the car’s PKE (Passive Keyless Entry) system. PKE, unlike RKE (Remote Keyless Entry), causes the vehicle to be unlocked when someone with the key approaches it.
The video shows one of the thieves, a short guy, walking around the house, with a device (a tablet) in his hand, seeking to pick up the signal from the Tesla’s fob. This signal is then boosted to another unit (a phone) that is carried by the second thief, a tall person, who stands near the car. The tall guy is thus able to unlock the car and get in. Both of them find it impossible to figure out how to unplug the car. Finally, the short guy figures it out. They unplug the car, disable remote access and drive off.
This modus operandi has got popular, especially because this kind of an attack can be executed with as little as $20. Tesla has now enabled a feature called “PIN to drive”, which would enable owners to use a PIN before actually driving off with their car using their key fob or authenticated phone (in case of Model 3).
The Drive reports, “The bandits perceivably did their research before nabbing the Tesla as well. According to the video’s description, a feature that enables remote access to the vehicle was disabled prior to taking the car, which means that neither Tesla nor the owner of the vehicle are able to track its whereabouts. Fortunately, the car can be tracked if it uses the Supercharger network.”
The report further says, “Although nearly every single stolen Tesla has been recovered thanks to the vehicle’s always-on connectivity, as more nefarious players become aware of how to disable the modern conveniences and securities, the gap between stolen and recovered cars may widen over time…Ensuring that a key is stored in a Faraday cage could help to prevent the theft of one’s car, or at least prevent them from becoming a repeat victim. For Tesla owners, enabling the company’s PIN to drive can even further facilitate the car’s safety.”
Julia Sowells948 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.