The Tesla Model X electric car is known to have dangerous loopholes. Hackers can exploit the loophole and have the car stolen in no time. According to Lennert Wouters, a security researcher at the University of KU Leuven in Belgium, the gap was found in the key fob that can be used to wirelessly start a car.
Hackers can rewrite the firmware from that key fob via a Bluetooth connection and use it to steal a Tesla Model X in just a matter of minutes. Wouters explained that the tools needed to perform this action were not expensive.
With a fund of 300 US dollars, Wouters can assemble a special device that can be controlled via cellphone to break the key to the Tesla Model X. Tesla himself designed the key fob key ( wireless ) Model X to be able to receive the update firmware in over-the-air via a Bluetooth connection.
The Bluetooth also connects the key with the computer in the Tesla Model X car wirelessly. That’s where the weak point is. According to Wouters, the key cannot validate firmware that is installed over-the-air . Wouters discovered that he could rewrite the firmware inside the key and then generate a fake key.
As a result, in just 90 seconds, the electric car was hacked. With the car unlocked thanks to the fake fob, he can then connect to his computer via a port that can be accessed from the dashboard. Then, through the computer he can trick the car’s security system and make the car think the fake keys Wouters made are genuine.
The Tesla Model X itself has a unique cryptographic certificate to prevent this from happening. However, the security system does not really function as it should Overall, it only took Wouter less than three minutes to steal the Tesla Model X.
“Basically, the combination of two security holes found in the Tesla Model X allows hackers to take control of the car in just a few minutes,” explained Wouters.
Compiled from Wired, Friday (27/11/2020), Wouters had contacted Tesla and informed him of the existence of this gap last August. Knowing this, Tesla then announced that it would launch an update for the Tesla Model X security system in the near future.
It took about a month for Tesla to roll out updates evenly. Therefore, Tesla Model X users are encouraged to stay up-to-date and patiently wait for the software update in question. Wouters also cautioned users not to share and publish any code regarding their Tesla Model X vehicle identification number.