Just like a year ago, they did it again.
Security researchers at a Belgian university have demonstrated that they could steal Tesla Model S vehicles by cloning the key fob and cracking the replacement that was meant to fix the problem.
A year ago, a serious flaw in the security of Tesla vehicles was revealed. With some standard radio equipment, researchers were able to defeat the encryption on a Model S keyless entry system and wirelessly cloned the sedan’s key fob in seconds. They were able to unlock the car and drive it away without ever touching the owner’s key. In order to fix the flaw allowing remote attacks, Tesla replaced old key fobs with an improved version last year. However, those same researchers say they have found another vulnerability that affects even the new key fobs and can be exploited from within the vicinity of a car.
Researcher Lennert Wouters of Belgian university KU Leuven revealed at the Cryptographic Hardware and Embedded Systems conference in Atlanta a few days ago that his team has again broken the Model S key fob’s encryption. They have found a way to clone the keys and steal the vehicle. The researcher noted the new attack was more limited in its radio range than the previous one and took a few seconds longer to perform. His team didn’t actually carry out the full attack demonstration as they did last year. They have only proven that it is possible to hack the key fob’s encryption and their analysis was convincing enough. Tesla acknowledged the possibility of thieves using the technique and said they have begun rolling out software to fix the issue.
According to Wired.