SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
20 Sep 2016

Tesla hackers take remote control of door locks, lights and brakes

A team of security researchers from China have remotely hacked into a brand new Tesla Model S, controlling its sunroof, lights, boot and even the brakes from a laptop several miles away.

Thankfully, Keen Security Lab, a division of the Chinese internet company Tencent, are 'white hat' hackers, who have only made the exploit public now that Tesla has fixed the problem worldwide with an over-the-air software update.

The hack, shown off in a YouTube video, requires the car to connect to a malicious Wi-Fi hotspot. The team then demonstrates how a driver searching for nearby charger stations online (after connecting to the network) opens the back door for hackers to break into the Tesla's software. Once remote access to the car has been established, the hackers are then able to control various features, including the brakes, while the car is moving.

Potential hackers could also have used this exploit, before it was patched by Tesla, to unlock the doors, take over control of the dashboard computer screen, open the boot, move the seats and activate the indicators, as well as fold in the wing mirrors while the car is being driven. The most alarming aspect, of course, is how the brakes can be applied without the driver's involvement.

Thankfully, the flaw was disclosed to Tesla in private and the company fixed the issue within 10 days. A software update was sent out to all cars to remove the vulnerability from their software, and only then did Keen Security Lab go public with their discovery.

But the very fact this hack took place has raised alarm bells in the cyber security world. Brian Spector, CEO of cyber security firm Miracl, said: ""These hacks demonstrate the serious problems around identity verification in today's connected cars. Having very limited encryption, identity management and data protection within such a powerful computer is extremely dangerous and poses a real and serious threat to everyone using our roads today."

Moving forward into a world of autonomous cars, Spector said: "The potential fallout from this lack of authentication becomes even more frightening."

In a statement sent to US media, Tesla said: "The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious Wi-Fi hotspot. Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly ... We commend the research team behind today's demonstration and plan to reward them under our bug bounty programme, which was set up to encourage this type of research."

Tags:
hackers Wi-Fi
Source:
IBTimes
2268
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015