LONDON – Tens of millions of digital locks worldwide, together with on Tesla vehicles, might be remotely unlocked by hackers exploiting a vulnerability in Bluetooth know-how, a cybersecurity agency mentioned on Tuesday.
In a video shared with Reuters, NCC Group researcher Sultan Qasim Khan was capable of open after which drive a Tesla utilizing a small relay gadget connected to a laptop computer which bridged a big hole between the Tesla and the Tesla proprietor’s cellphone.
“This proves that any product counting on a trusted BLE connection is susceptible to assaults even from the opposite aspect of the world,” the UK-based agency mentioned in a press release, referring to the Bluetooth Low Power (BLE) protocol – know-how utilized in hundreds of thousands of vehicles and sensible locks which mechanically open when in shut proximity to an authorised gadget.
Though Khan demonstrated the hack on a 2021 Tesla Mannequin Y, NCC Group mentioned any sensible locks utilizing BLE know-how, together with residential sensible locks, might be unlocked in the identical manner.
Tesla didn't instantly reply to a request searching for remark.
NCC Group mentioned such a vulnerability was not like a standard bug which might be fastened with a software program patch and added BLE-based authentication was not initially designed to be used in locking mechanisms.
“In impact, techniques that folks depend on to protect their vehicles, properties and personal knowledge are utilizing Bluetooth proximity authentication mechanisms that may be simply damaged with low-cost off-the-shelf hardware,” the agency mentioned.
“This analysis illustrates the hazard of utilizing applied sciences for causes aside from their meant objective, particularly when safety points are concerned”.
Post a Comment