A zero-click exploits let hackers unlock and partially control a nearby Tesla.
A pair of security researchers found a shocking security vulnerability in Tesla software that allowed them to tap into and control the car’s software from afar.
The team found that they could hijack its touch-screen infotainment system to tinker with various driving settings, move the chair around, and most dangerously, unlock and open the car’s doors and trunk from afar, according to Interesting Engineering — all by hovering a drone overhead, emitting a WiFi signal that exploited one of the car’s components.
Thankfully, the two hackers had good intentions this time around. Interesting Engineering notes that they already reached out to Tesla and gave the automaker time to fix its security holes before they went public with their exploit, which they nicknamed TBONE and shared online last week.
“Looking at the fact TBONE required no user interaction, and ease of delivery of the payload to parked cars, we felt this attack was ‘wormable’ and could have been weaponized,” Ralf-Philipp Weinmann, one of the hackers, said in the team’s announcement.
Even though Tesla patched it up, the hack still poses a threat to other automakers that use the same vulnerable component. A less benevolent hacker could just as readily use the TBONE trick to take control over an equally compromised car, even if it’s not a Tesla, and turn that car into a worm that gives the hackers control over other nearby vehicles too. Needless to say, buckle up.
READ MORE: Researchers Hacked into Parked Teslas Remotely with a Drone [Interesting Engineering]
More on hackers: New Hack Steals a Tesla in Minutes Via Bluetooth