New attack can unlock and start a Tesla Model Y in seconds, say researchers
by Kim Zetter from The Verge - All Posts on (#63HVW)
Illustration by Alex Castro / The Verge Tesla prides itself on its cybersecurity protections, particularly the elaborate challenge system that protects its cars from conventional methods for attacking the remote unlock system. But now, one researcher has discovered a sophisticated relay attack that would allow someone with physical access to a Tesla Model Y to unlock and steal it in a matter of seconds.
The vulnerability - discovered by Josep Pi Rodriguez, principal security consultant for IOActive - involves what's called an NFC relay attack and requires two thieves working in tandem. One thief needs to be near the car and the other near the car owner, who has an NFC keycard or mobile phone with a Tesla virtual key in their pocket or purse.
Near-field communication keycards...