Skip to main content

Researchers hack and steal a Model S; Tesla says vulnerability now fixed

COSIC researchers hack Tesla Model S key fob

Stealing a car used to require a blunt object to break one of its windows, and basic electrical knowledge to hot-wire it. Two Belgian security experts discovered an encryption flaw that let them drive away in a Tesla Model S without busting any glass or cutting any wires.

Recommended Videos

Researchers working at the KU Leuven University in Belgium figured out a relatively simple way to digitally break into a Model S by defeating the encryption in the wireless key fob, according to Wired. It’s a technique that requires about $600 worth of radio and computing equipment, so it’s not something anyone can do with their smartphone, but that’s a small investment considering the price of a Model S. The hardware is used to access the cryptographic key programmed into each fob and copy it, which essentially creates a new key fob. The thieves can thereupon enter any Model S and drive off in it without setting off the alarm.

“Today, it’s very easy for us to clone these key fobs in a matter of seconds. We can completely impersonate the key fob and drive the vehicle,” revealed researcher Lennert Wouters in an interview with Wired. He added figuring out how to hack into a Model S took about nine months.

Tesla awarded the researchers a $10,000 bug bounty when they privately shared their discovery in August of 2017. It then spent nearly a year verifying the technique and developing a fix, which it began rolling out in June of 2018. First, it designed a more secure key fob. That means cars manufactured after that point aren’t affected by the problem.

Earlier models — a vast majority of the ones on the road — received an additional security barrier via an over-the-air software update. This lets owners set a PIN code that must be entered on the car’s touchscreen before it can be driven off. It’s similar to the PIN that protects a smartphone. Tesla told Digital Trends the PIN function will come to the Model 3 in the future.

“Due to the growing number of methods that can be used to steal many kinds of cars with passive entry systems, not just Teslas, we’ve rolled out a number of security enhancements to help our customers decrease the likelihood of unauthorized use of their vehicles,” a Tesla spokesperson told Digital Trends. “Based on the research presented by this group, we worked with our supplier to make our key fobs more secure by introducing more robust cryptography for Model S in June 2018,” the California-based company added.

Wouters and his partner, Tomer Ashur, blame the flaw on a key fob manufactured by British electronics firm Pektron. McLaren, Karma, and Triumph also use Pektron-sourced key fobs so the same hack could allow thieves to break into vehicles made by those brands.

“This attack is out there, and we’re not the only people capable of coming up with it,” Ashur warned.

Update: added statement from Tesla.

Ronan Glon
Ronan Glon is an American automotive and tech journalist based in southern France. As a long-time contributor to Digital…
Tesla has released a cheaper Model 3 — and I really hope it comes to the U.S.
Tesla Model 3 Highland Front

The Tesla Model 3 is already one of the most popular electric vehicles, thanks to its large selection of great EV features and a reasonably low price compared to other electric cars. But it seems like Tesla is working on making the car even cheaper and has released a more affordable Model 3 with a downgraded interior in Mexico.

Don’t get me wrong. I’m glad that the Model 3 is available at a lower price in Mexico (it cuts the price of the current base Model 3 by around $4,000). But I really hope the vehicle makes it to the U.S.
What's different?
There are a few things that set the cheaper Model 3 variant apart from the current base Model 3 in the U,S. Most of these have to do with a regression of features compared to the Model 3 Highland update that was released last year. For example, the new passenger display in the back seat has been removed, and the accent lighting in the car is white only. Additionally, the seat coverings are a cheaper fabric instead of the faux leather available in the current Model 3. And there are no options for heated seats or a heated steering wheel.

Read more
Tesla software update fixes hood safety issue on 1.8M cars
Tesla's Model 3 refresh, codenamed Highland, features a sleeker front.

Tesla has issued a software update for 1.85 million of its vehicles in the U.S. to fix a safety issue involving the hood.

A notice posted online by the National Highway Traffic Safety Administration (NHTSA) on Tuesday explained the problem, saying that after a customer action opens the hood, it's possible that the latch assembly will fail to detect that it's open, thereby preventing a driver notification of the hood’s open state when the vehicle is placed into drive.

Read more
The base Tesla Model 3 isn’t bad, but you should probably upgrade
Tesla Model 3 Highland Front

Tesla is expanding the available options for the Model 3. Some time ago, Tesla stopped selling the Model 3 Long Range Rear-Wheel Drive, but the company has rereleased that version of the Model 3 in the form of the new Model 3 Highland design. This expands the number of Model 3 options available to four.

There are plenty of good reasons to buy a Tesla Model 3, but one of them is most certainly the price. The base version of the Model 3 starts at $38,990 before any tax incentives or other discounts. Sure, that’s not cheap, but it does make the Model 3 one of the least expensive high-end EVs out there right now. If you’re interested in the Model 3, however, I don’t think you should buy the base model. I think you should upgrade.

Read more