www.bloomberg.com
151.101.129.73  Public Scan

Submitted URL: http://trib.al/736Rh70
Effective URL: https://www.bloomberg.com/news/articles/2022-05-16/hacker-shows-off-a-way-to-unlock-tesla-models-start-the-engine?utm_camp...
Submission: On May 17 via manual from US — Scanned from US

Form analysis 0 forms found in the DOM

Text Content

HACKER SHOWS OFF A WAY TO UNLOCK TESLA MODELS, START CARS

 * Method to exploit smart technology tied to Bluetooth protocol
 * No evidence of thieves using technique to access cars


Tesla Model S. Photographer: SeongJoon Cho/Bloomberg

By Margi Murphy
May 16, 2022, 5:36 PM GMT. Updated on May 16, 2022, 10:19 PM GMT



Tesla Inc. customers might love the carmaker’s nifty keyless entry system, but
one cybersecurity researcher has demonstrated how the same technology could
allow thieves to drive off with certain models of the electric vehicles.

A hack effective on the Tesla Model 3 and Y cars would allow a thief to unlock a
vehicle, start it and speed away, according to Sultan Qasim Khan, principal
security consultant at the Manchester, UK-based security firm NCC Group. By
redirecting communications between a car owner’s mobile phone, or key fob, and
the car, outsiders can fool the entry system into thinking the owner is located
physically near the vehicle. 




The hack, Khan said, isn’t specific to Tesla, though he demonstrated the
technique to Bloomberg News on one of its car models. Rather, it’s the result of
his tinkering with Tesla’s keyless entry system, which relies on what’s known as
a Bluetooth Low Energy (BLE) protocol. 

There’s no evidence that thieves have used the hack to improperly access Tesla
vehicles. The carmaker didn’t respond to a request for comment. NCC provided
details of its findings to its clients in a note on Sunday, an official there
said.

Khan said he had disclosed the potential for attack to Tesla and that company
officials didn’t deem the issue a significant risk. To fix it, the carmaker
would need to alter its hardware and change its keyless entry system, Khan said.
The revelation comes after another security researcher, David Colombo, revealed
a way of hijacking some functions on Tesla vehicles, such as opening and closing
doors and controlling music volume. 




The BLE protocol was designed to conveniently link devices together over the
internet, though it’s also emerged as a method that hackers exploit to unlock
smart technologies including house locks, cars, phones and laptops, Khan said.
NCC Group said it was able to conduct the attack on several other carmakers’ and
technology companies’ devices.

Kwikset Corp. Kevo smart locks that use keyless systems with iPhone or Android
phones are impacted by the same issue, Khan said. Kwikset said that customers
who use an iPhone to access the lock can switch on two-factor authentication in
the lock app. A spokesperson also added that the iPhone-operated locks have a
30-second timeout, helping protect against intrusion.

Kwikset will be updating its Android app in “summer,” the company said.



“The security of Kwikset’s products is of utmost importance and we partner with
well-known security companies to evaluate our products and continue to work with
them to ensure we are delivering the highest security possible for our
consumers,” a spokesperson said. 



A representative at Bluetooth SIG, the collective of companies that manages the
technology, said: “The Bluetooth Special Interest Group (SIG) prioritizes
security and the specifications include a collection of features that provide
product developers the tools they need to secure communications between
Bluetooth devices. 

“The SIG also provides educational resources to the developer community to help
them implement the appropriate level of security within their Bluetooth
products, as well as a vulnerability response program that works with the
security research community to address vulnerabilities identified within
Bluetooth specifications in a responsible manner.”



Khan has identified numerous vulnerabilities in NCC Group client products and is
also the creator of Sniffle, the first open-source Bluetooth 5 sniffer. Sniffers
can be used to track Bluetooth signals, helping identify devices. They are often
used by government agencies that manage roadways to anonymously monitor drivers
passing through urban areas.  

A 2019 study by a British consumer group, Which, found that more than 200 car
models were susceptible to keyless theft, using similar but slightly different
attack methods such as spoofing wireless or radio signals. 



In a demonstration to Bloomberg News, Khan conducted a so-called relay attack,
in which a hacker uses two small hardware devices that forward communications.
To unlock the car, Khan placed one relay device within roughly 15 yards of the
Tesla owner’s smartphone or key fob and a second, plugged into his laptop, near
to the car. The technology utilized custom computer code that Khan had designed
for Bluetooth development kits, which are sold online for less than $50.



The hardware needed, in addition to Khan’s custom software, costs roughly $100
altogether and can be easily bought online. Once the relays are set up, the hack
takes just “ten seconds,” Khan said. 

“An attacker could walk up to any home at night – if the owner’s phone is at
home - with a Bluetooth passive entry car parked outside and use this attack to
unlock and start the car,” he said. 



“Once the device is in place near the fob or phone, the attacker can send
commands from anywhere in the world,” Khan added. 

(Updated to clarify reference to the affected Tesla models, remove mention of
engines.)



