The Tesla Model S and Model X have an app to control the vehicle, and since the car is connected to the internet, is suitable to being hacked. That’s what a group of researchers from Norway just proof it. They did the first Tesla hack (at least the first one caught on video).
The theory behind the breach is very simple. The target connects to a fake network and download a fake app (to achieve that, this app promises a free burger). After that the phone is infected with a malware
The hacker has total access to the victims phone. When he put his credential in the Tesla app, that information is then transferred and now the bad guy have access to the car and all its functionality.
However, to be fair, the Tesla Software in the car or app is not where they found the breach. The exploit it’s a social one. But it’s still one.
A Tesla spokesman found the demonstration misleading and not accurate, this is what he said.
“The report and video do not demonstrate any Tesla-specific vulnerabilities. This demonstration shows what most people intuitively know – if a phone is hacked, the applications on that phone may no longer be secure. The researchers showed that known social engineering techniques could be employed to trick people into installing malware.
on their Android devices, compromising their entire phone and all apps, which also includes their Tesla app. Tesla recommends users run the latest version of their mobile operating system.”
Like I said, the exploit was social, for this to work the victim needs to fall for it. However, the scary part is that can work with other apps and cars. This problem is not only Tesla’s but everyone’s. This particularly issue with android is already fixed, but for sure is not going to take long for crackers to figure out another breach.
source:Electrek.co