Hacker shows how to unlock, start and drive off with someone else’s Tesla

One researcher has demonstrated how the same technology could allow thieves to drive off with certain models of electric vehicles.

Sultan Qasim Khan, principal security consultant at the Manchester, UK-based security firm NCC Group, said that a hack on the Model 3 and Y cars would allow a thief to start the car and drive away.

By redirecting communications between a car owner's mobile phone and the car, outsiders can fool the entry system into thinking the owner is near the vehicle.

Khan showed the technique to the news service on one of the car models. The result of his tinkering with the keyless entry system is the BLE protocol.

There is no evidence that the hack was used to access the cars.

The company didn't reply to the request for comment.

The official said that the details of the findings were provided in a note on Sunday.

According to Khan, he disclosed the potential for attack to the company, but they didn't think it was a significant risk. To fix it, the carmaker would need to change its hardware. The revelation comes after another security researcher, David Colombo, revealed a way of hijacking functions on the cars.

BLE protocol was designed to link devices together over the internet, but it has also been used to hack into smart technologies such as house locks, cars, phones and laptops. The group said it was able to attack several other companies.

The same issue is affecting smart locks that use a keyless system. Customers who use an Apple device to access the lock can use two-factor authentication in the lock app. The 30-second timeout helps protect against intrusion, as well as the iPhone-operated locks.

The company said that it will be updating its app in the summer.

The security of Kwikset's products is of paramount importance and we partner with well-known security companies to evaluate our products and continue to work with them to ensure we are delivering the highest security possible for our consumers.

A representative at the collective of companies that manages the technology said that the specifications include a collection of features that provide product developers the tools they need to secure communications.

The vulnerability response program that works with the security research community to address vulnerabilities identified within the specifications of the protocol is one of the educational resources provided by the SIG.

Khan is the creator of Sniffle, a first-of-its-kind open-sourced Bluetooth 5 sniffer, and he has identified numerous vulnerabilities in the client products of the NCC Group. Sniffers can help identify devices. They are used by government agencies to monitor drivers in urban areas.

More than 200 car models were found to be vulnerable to keyless theft, using similar but slightly different attack methods such as spoofing wireless or radio signals.

In a demonstration, Khan used two small hardware devices to forward communications. Khan placed a relay device within 15 yards of the car owner's phone and laptop, and plugged them into his laptop. The technology used custom computer code that Khan had designed for the kits that are sold online for less than $50.

The hardware needed for Khan's custom software costs around $100 and can be purchased online. The hack takes just ten seconds once the relays are set up.

An attacker could walk up to any home at night if the owner's phone is in the house.

The attacker can send commands from anywhere in the world once the device is in place.