How This Android Hacker Steals Tesla Car By Offering A Free Burger
Tesla Motors proudly flaunts how its electric cars can be controlled using the Tesla app. It’s good to have a car which can be loaded with features by just pushing a software update. The company has also started making its cars fully automatic by adding extra self-driving hardware. Tesla app enables an owner to unlock the car, check battery status, GPS location, turn on climate control, etc. The app uses the internet connection do all these things and also disables the minimum distance barrier between the user and the car.
All of these modern features make Tesla cars vulnerable to potential attackers. The Tesla app on an Android device can be compromised to gain unauthorized access to the car. This is what a team of researchers from the security firm Promon AS has demonstrated for a Tesla Model S.
In the demo, the researchers take the advantage of Tesla’s Keyless driving functionality. It enables Tesla owners to start the car by typing their password in the smartphone app.
To steal a Tesla car, the hackers lure the user to download a malicious app offering free burger by providing an open WiFi hotspot near a Tesla charging station. Basically, the task is to get the app installed on the owner’s device using your social engineering skills.
Once the user installs the app on Android, the malware in the app will access the Tesla app credentials and send it to the hacker over the internet. Then, using a laptop, the hacker can unlock the Tesla, enable keyless driving, and take it away.
The hack is not specific to Tesla app, according to the researchers, it can be used for other Android apps too. The unavailability of latest Android version to most of the device owners also acts as a major contribution in making their device vulnerable to such attacks.
Reference:fossbytes.com
Comments
Post a Comment