Hackers stole Tesla using cheap device from a Russian developer

No time to read?
Get a summary

In the US, cybersecurity experts Tommy Misk and Talal Haj Bakri were able to unlock, start and drive a Tesla Model 3 electric car using a $169 hobbyist Flipper Zero radio signal scanning and copying device and a Wi-Fi card. It made it possible to reproduce the signal of someone else’s car key, bypassing two-factor authentication. The hackers talked about their experiments in a video on YouTube.channel Mysk company.

Researchers used Flipper Zero in conjunction with a Wi-Fi card to create and publish a fake Tesla login page before tricking the victim into sharing their credentials.

Thus, they were able to intercept the credentials of the Tesla owner who connected to the fake network and entered the necessary information. At the same time, the password and two-factor authentication code appeared on the Flipper Zero screen.

Having received the necessary details, the hackers logged into the victim’s account and unlocked his car. They managed to find the car via the app. It turns out that the Tesla app doesn’t notify you that a new device has been added to your account.

Taking full control of someone else’s electric car, Misk and Bakri transferred all the collected data to Tesla, informing them about the security vulnerability they found.

Flipper Zero is a pocket-sized device with a small monochrome display. The device is designed to scan and interact with a variety of wireless communication protocols, including Bluetooth, Wi-Fi, NFC, infrared or regular radio. It was designed by Russian Pavel Zhovner.

Previously Canadian officials were completely prohibited Flipper Zero in the country due to the increase in car thefts.

No time to read?
Get a summary
Previous Article

Biden approved the project that will finance the US government for six months 03.23.2024,

Next Article

Polls closed for presidential elections in Slovakia