Here's How To Hack The Tesla Model X For $300

Video / Comments

Tesla is already working on a fix.

Despite Tesla's mostly very successful efforts, hackers are sometimes able to penetrate its vehicle security systems and expose their flaws. These are known as "exploits" and the good news for Tesla is that a security researcher from Belgium has found two more before criminal hackers did.

Wired reports that Lennart Wouters, an online security researcher from KU Leuven University in Belgium discovered last August two vulnerabilities relating to the Tesla Model X. He immediately updated the automaker. A software patch via an over-the-air-update is now in progress. Wouters also posted a video demonstrating the security breach he found where it would be possible to steal a Model X in a matter of minutes.

2016-2020 Tesla Model X Front View Driving Tesla
2016-2020 Tesla Model X Side View Tesla
2016-2020 Tesla Model X Rear View Driving Tesla

The first vulnerability is essentially the ability to create a key for a Model X simply by knowing the last five VIN digits which happen to be visible on the windshield. It only takes about $300 worth of hardware, a backpack, and standing near the vehicle's owner for about 90 seconds to do the rest. The hardware is a Raspberry Pi minicomputer and a Model X body control module (BCM) that can be bought off eBay.

The BCM enabled Wouters to hijack the Bluetooth radio connection the key fob uses to unlock the vehicle when the owner is only 15 feet away. Next, the hardware rewrites the target fob's firmware. This allowed Wouters to gain access to the code that unlocks the vehicle. He then stored that code in his backpack containing the minicomputer and walked directly up to the Model X. The car immediately unlocked, thinking that it's connected to the original key fob, not the duplicate Wouters made.

Best Tuned Jaguars Ever Made
Best Tuned Jaguars Ever Made
Greatest Mugen-Tuned Cars Ever Made
Greatest Mugen-Tuned Cars Ever Made
2016-2020 Tesla Model X Dashboard Tesla
2016-2020 Tesla Model X Panoramic Windshield Tesla
2016-2020 Tesla Model X Rear Passenger Seats Tesla

Once inside, the second vulnerability was exposed - starting the vehicle. Wouters accessed the USB port located behind a panel under the display, and then connected his backpack/computer to the vehicle's Controller Area Network (CAN) where it told the EV's computer the fake key fob isn't actually fake. The Model X could then start up and drive off.

What Wouters really exposed was the fact the BCM and key fob, even when connected to one another, don't validate firmware updates to the fob. This allowed him to gain access simply by pretending to send new firmware updates from Tesla.

"The system has everything it needs to be secure," Wouters said. "And then there are a few small mistakes that allow me to circumvent all of the security measures."

2016-2020 Tesla Model X Front Angle View Tesla
2016-2020 Tesla Model X Front Angle View Tesla
2016-2020 Tesla Model X Front View Driving Tesla
Source Credits: Wired

Join The Discussion

Gallery

2016-2020 Tesla Model X Badge
2016-2020 Tesla Model X Front Angle View
2016-2020 Tesla Model X Side View
2016-2020 Tesla Model X Rear Passenger Seats
2016-2020 Tesla Model X Dashboard
10
Photos
Back
To Top