Researcher Joseph P Rodriguez from IOActive spoke about a new vulnerability in the Tesla Model Y.
This phenomenon with the so-called NFC “relay attack” requires two hijackers to work. One of them is located near the electric car, and the second is next to the victim, who has an NFC key in his pocket or bag.
The first communication cracker uses a Proxmark RDV4.0 device to create with an NFC receiver in a car door. The car reacts to the gadget and sends a signal that should determine the owner of the NFC card. Proxmark transmits a signal via Wi-Fi or Bluetooth to a smartphone, which is held next to the owner’s NFC key.
The signal is present on the side, and the hijacker gets full access to the electric car. The whole process takes a matter of seconds. True, there is a nuance: the method works until the moment the hacker turns off the car – then the mechanisms are all made anew. Or you need to take care of the key of your own card in advance.
Rodriguez banned Tesla owners from activating a PIN to start the car. Thus, they additionally protect it from coverage. [The Verge]
Source: Iphones RU