Date: 2024-03-18

Technology is both the blessing and the curse of the latest generation of cars. It is a double-edged sword: sometimes a real advantage, other times an opening for car theft. The two researchers who demonstrated how easy and quick it can be to steal a Tesla by creating a copy of the Phone Key know this well. The attack is based on the “man in the middle” method, also known by the acronym “MiTM”, and seriously risks becoming a nightmare for motorists, although Elon Musk doesn’t seem to be worried about it and preaches calm.

How to Steal a Tesla with the Phone Key App

This flaw in Tesla’s system was revealed by a pair of computer security researchers, Talal Haj Bakry and Tommy Mysk. The two clearly demonstrated how to steal a Tesla through a so-called MiTM phishing attack that uses a WiFi network and then creates a copy of the digital key, the Tesla Phone Key, on a smartphone. The new Phone Key gives free access to the passenger compartment of the car, with the possibility of starting it. All of this works without the Card Key associated with the vehicle, that is, the “key” to Tesla cars.

The Tesla Phone Key App allows you to unlock the car and start it

All Tesla models vulnerable to phishing attacks

Haj Bakry and Mysk simulated a MiTM attack on a Tesla running on-board software 11.1 2024.2.7, using the up-to-date version 4.30.6 of the Tesla application. The two researchers thus demonstrated how easy it is to create a new Phone Key associated with the vehicle without raising any suspicion from either the owner or the car’s system. The procedure exploits a gap in the electric car’s protection system that, in theory, would allow anyone to take possession of the car and, as if that weren’t enough, also to start it without the tools normally required for these operations.

Beware of “Tesla guest” WiFi

The attack starts with a new WiFi network named “Tesla guest”. The name of the network is crucial: it does not stand out and is unlikely to raise an alarm, as it is a very common name among the SSIDs used by Tesla service centers. Once a victim has been found and the network has been created, all that remains is to wait for the unfortunate driver to connect to the new WiFi.

The card key to open the doors of a Tesla is safer than the Phone Key against car theft

The victim is then redirected to a login page, fake of course, where they are asked to re-enter their Tesla login credentials, including the all-important two-factor authentication code. The Tesla owner’s credentials are then stolen and used to access their profile in the official application of the US car company, through which it is possible to control some functions of the vehicle.

The Tesla Phone Key app

Tesla’s “Phone Key” is a feature that allows owners of Tesla vehicles to use their smartphone as a key to unlock and start the vehicle. This eliminates the need to use a traditional physical key. To open the car and drive it away, the thief only has to create a new Phone Key. At this point the thief can add to the same profile another device under his control, and above all in his possession, and thus create a new Phone Key connected to the Tesla in question, taking command of it.

In short, creating a new Phone Key involves no security checks or authentication of any kind. Furthermore, it does not trigger any notification to the original device through the Tesla app, nor on the car’s dashboard screen.
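A service-side detection rule for the gap described above, added here as an example that is not part of the original article and is not Tesla's code. The event schema, device names and 30-minute window are assumptions, and the log entries are constructed sample data. The rule flags a Phone Key enrolled by a device that first appeared on an account with existing devices only minutes earlier.

```python
from datetime import datetime, timedelta

# Constructed sample events; the schema is hypothetical, not Tesla's.
EVENTS = [
    {"ts": "2024-01-05T08:00:00", "account": "owner-a", "type": "login", "device": "phone-1"},
    {"ts": "2024-01-05T08:05:00", "account": "owner-a", "type": "phone_key_added", "device": "phone-1"},
    {"ts": "2024-02-01T10:00:00", "account": "owner-b", "type": "login", "device": "phone-2"},
    {"ts": "2024-02-01T10:02:00", "account": "owner-b", "type": "phone_key_added", "device": "phone-2"},
    {"ts": "2024-02-10T10:00:00", "account": "owner-b", "type": "login", "device": "tablet-3"},
    {"ts": "2024-03-01T17:40:00", "account": "owner-a", "type": "login", "device": "phone-9"},
    {"ts": "2024-03-01T17:43:00", "account": "owner-a", "type": "phone_key_added", "device": "phone-9"},
    {"ts": "2024-03-15T12:00:00", "account": "owner-b", "type": "phone_key_added", "device": "tablet-3"},
]

NEW_DEVICE_WINDOW = timedelta(minutes=30)  # assumed threshold, tune per deployment


def suspicious_key_enrolments(events, window=NEW_DEVICE_WINDOW):
    """Return phone_key_added events whose enrolling device first appeared
    on an account that already had other devices, less than `window` before
    the key was added (the pattern left behind by phished credentials)."""
    first_seen = {}  # (account, device) -> time of the device's first event
    flagged = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        key = (ev["account"], ev["device"])
        first_seen.setdefault(key, ts)
        if ev["type"] != "phone_key_added":
            continue
        # Devices seen on this account before the enrolling device showed up.
        older = [d for (a, d), t in first_seen.items()
                 if a == ev["account"] and t < first_seen[key]]
        # Initial setup (no older device) and long-known devices are not flagged.
        if older and ts - first_seen[key] < window:
            flagged.append(ev)
    return flagged


if __name__ == "__main__":
    for ev in suspicious_key_enrolments(EVENTS):
        print("review:", ev["account"], ev["device"], ev["ts"])
```

A flagged enrolment is the point at which a notification to the owner's existing devices, or a confirmation step, would be triggered.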

How to protect yourself?

How can you protect yourself and avoid having your Tesla stolen? Simply be careful not to enter your access data when connected to unknown or “guest” WiFi networks.

The demonstration video of the MiTM method

Tesla problem (serious), but Elon Musk doesn’t want to listen…

This problem should not be taken lightly, and not so much because car thefts using technological methods are increasing (see the use of so-called code grabbers, which are spreading in Italy), but mostly because the two researchers Talal Haj Bakry and Tommy Mysk have found a real flaw in the Tesla system. Haj Bakry and Mysk showed the company their experiment with the so-called MiTM method, highlighting the serious problems of the system. But according to Tesla, what the pair of researchers found is not considered a real weakness, but rather expected behavior.