GM Volt Forum banner

Gone in 130 seconds: Tesla NFC key card allows thieves to steal Teslas

640 Views 0 Replies 1 Participant Last post by  Steverino
New "Teslakee" hack gives thieves their own personal key. Martin Herfurt, a security researcher in Austria, quickly noticed something odd about the new feature: Not only did it allow the car to automatically start within 130 seconds of being unlocked with the NFC card, but it also put the car in a state to accept entirely new keys—with no authentication required and zero indication given by the in-car display.

All that's required is to be within range of the car during the crucial 130-second window of it being unlocked with an NFC card. If a vehicle owner normally uses the phone app to unlock the car—by far the most common unlocking method for Teslas—the attacker can force the use of the NFC card by using a signal jammer to block the BLE frequency used by Tesla's phone-as-a-key app.

Based on the lack of response Herfurt said he received from Tesla regarding vulnerabilities he uncovered in 2019 and again last year, he's not holding his breath that the company will address the issue.

  • Like
Reactions: dannyV and FlipFlop