Tesla cars, smart locks prone to Bluetooth vulnerability hack, report says
The Hindu
The cybersecurity firm performed a relay attack on a 2020 Tesla Model 3, which uses a BLE-based entry system, to unlock and drive the vehicle.
Hackers can exploit a new Bluetooth low energy (BLE) vulnerability to unlock digital locks in cars and other smart devices. Vehicles like Tesla, that use Bluetooth-based proximity authentication systems are vulnerable to such hacks, according to cybersecurity firm NCC Group.
(Sign up to our Technology newsletter, Today’s Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)
The U.K.-based company performed a relay attack on a 2020 Tesla Model 3, which uses a BLE-based entry system, to unlock and drive the vehicle. The attack tool can be used for any devices communicating over BLE, and is not specific to Tesla vehicles, it noted.
“Systems that people rely on to guard their cars, homes and private data are using Bluetooth proximity authentication mechanisms that can be easily broken with cheap off-the-shelf hardware — in effect, a car can be hacked from the other side of the world,” NCC Group said in a statement.
Several vehicle manufacturers, including Tesla, use the Bluetooth-based system that automatically unlocks a vehicle when people with an authorised mobile device or key fob come close to them.
In its testing, the cybersecurity firm placed two relay devices, one at seven metres distance from an iPhone 13 mini with the Tesla app and the other located three metres away from the Tesla vehicle, it explained, adding that the attack tool was deployed while the iPhone was outside the Bluetooth range of the vehicle.
In addition to the Tesla car, the firm conducted an attack on Kevo smart locks, which are used in residential locking systems.
Fierce wildfires threaten LA landmarks as firefighters battle flames and residents face devastation and evacuations.
Vaduthala overbridge project in Kochi aims to ease traffic congestion, with land acquisition complete and tenders invited.
Delhi High Court denies bail to alleged ISIS member for radicalising youths online, promoting violence and supporting terrorism.
Local residents in Kozhikode protest against soil mining for National Highway 66, demanding authorities to stop the landfilling.
Meta CEO Mark Zuckerberg announces removal of fact-checkers, shift towards user-driven content moderation, sparking concerns over misinformation.
Vellore Corporation interlinks sewer lines for UGD system, aiming for completion by May, covering 60 wards in four zones.
KMRL explores feasibility of Water Metro services in 18 locations nationwide, aiming to revolutionize urban transport sustainably.
The popular Kadamattam St. George Orthodox Church has got a new lease of life thanks to efforts by history buffs, who see the preservation of the church and its famous murals in their original form as a way to provide a peek into the rich heritage of Christianity in Kerala
Friends of Snakes Society rescues 13,028 snakes in Telangana in 2024, highlighting conservation efforts and volunteer safety measures.
G.V. Sampath felicitates K.S. Viswanathan for cricket contributions at TNCA event in Vellore. Hall of Fame inductee.
The Infosys Science Foundation (ISF) celebrated outstanding achievements in research and innovation by awarding the Infosys Prize 2024 to six scholars during a felicitation ceremony here on Saturday.