http://mobile.geek.com/latest/257569-hackers-remotely-kill-tesla-s-engine-with-a-key-press?origref=
Posted from WordPress for Android
http://mobile.geek.com/latest/257569-hackers-remotely-kill-tesla-s-engine-with-a-key-press?origref=
Posted from WordPress for Android
4 Comments
Tomi Engdahl says:
Android Malware Used To Hack and Steal Tesla Car
https://it.slashdot.org/story/16/11/25/1139233/android-malware-used-to-hack-and-steal-tesla-car
By leveraging security flaws in the Tesla Android app, an attacker can steal Tesla cars. The only hard part is tricking Tesla owners into installing an Android app on their phones, which isn’t that difficult according to a demo video from Norwegian firm Promon.
This malicious app can use many of the freely available Android rooting exploits to take over the user’s phone, steal the OAuth token from the Tesla app and the user’s login credentials.
Android Malware Used to Hack and Steal a Tesla Car
http://www.bleepingcomputer.com/news/security/android-malware-used-to-hack-and-steal-a-tesla-car/
By infecting a Tesla owner’s phone with Android malware, a car thief can hack and then steal a Tesla car, security researchers have revealed this week.
Previous attempts to hack Tesla cars attacked the vehicle’s on-board software itself. This is how Chinese security researchers from Keen Lab have managed to hack a Tesla Model S last month, allowing an attacker to control a car from 12 miles away.
Security experts from Norwegian security firm Promon have taken a different approach, and instead of trying complicated attacks on the car’s firmware, they have chosen to go after Tesla’s Android app that many car owners use to interact with their vehicle.
Tomi Engdahl says:
Grand App Auto: Tesla smartphone hack can track, locate, unlock, and start cars
Musk’s lot better get on this
http://www.theregister.co.uk/2016/11/25/tesla_car_app_hack_enables_car_theft/
A smartphone app flaw has left Tesla vehicles vulnerable to being tracked, located, unlocked, and stolen.
Security experts at Norwegian app security firm Promon were able to take full control of a Tesla vehicle, including finding where the car is parked, opening the door and enabling its keyless driving functionality. A lack of security in the Tesla smartphone app opened the door to all manner of exploits, as explained in a blog post here. The cyber-attack unearthed by Promon provides additional functionality to that exposed by Keen Security Labs in a different hack in late September.
Tom Lysemose Hansen, founder and CTO at Promon, said: “Keen Security Labs’ recent research exploited flaws in the CAN bus systems of Tesla vehicles, enabling them to take control of a limited number of functions of the car. Our test is the first one to use the Tesla app as an entry point, and goes a step further by showing that a compromised app can lead directly to the theft of a car.”
Tomi Engdahl says:
Researchers Hijack Tesla Car by Hacking Mobile App
http://www.securityweek.com/researchers-hijack-tesla-car-hacking-mobile-app
Researchers at Norway-based security firm Promon have demonstrated how thieves with the necessary hacking skills can track and steal Tesla vehicles through the carmaker’s Android application.
In a video released this week, experts showed how they could obtain the targeted user’s credentials and leverage the information to track the vehicle and drive it away. There are several conditions that need to be met for this attack and the victim must be tricked into installing a malicious app on their mobile phone, but the researchers believe their scenario is plausible.
According to Promon, the Tesla mobile app uses HTTP requests and an OAuth token to communicate with the Tesla server. The token is valid for 90 days and it allows users to authenticate without having to enter their username and password every time they launch the app.
Tesla cars can be stolen by hacking the app
https://promon.co/blog/tesla-cars-can-be-stolen-by-hacking-the-app/
Tomi Engdahl says:
Grand App Auto: Tesla smartphone hack can track, locate, unlock, and start cars
Musk’s lot better get on this
http://www.theregister.co.uk/2016/11/25/tesla_car_app_hack_enables_car_theft/
A smartphone app flaw has left Tesla vehicles vulnerable to being tracked, located, unlocked, and stolen.