Research reveals that cars, homes, and personal data of those depending on Bluetooth proximity authentication mechanisms to protect their smart devices are at risk.
The IT security researchers at Manchester, England-based NCC Group have revealed startling details of a Bluetooth hack affecting Tesla Model 3 and Y. It is worth noting that although vehicles from different automotive companies are at risk since Tesla is the talk of the town, the researchers singled out the company mainly to demonstrate the extent of the issue.
The exploit is specifically linked to Bluetooth Low Energy (BLE). Consequently, it impacts all those devices/vehicles that utilize it.
According to NCC Group’s technical advisory published on May 15th, the attack involves relaying the BLE signals from a smartphone already paired with a Tesla. Researchers revealed that this hack allows an attacker to unlock the vehicle door, start it and drive away.
For your information, BLE is a standard protocol used to share data between devices. This protocol is used in vehicles for proximity authentication for unlocking locks. Apart from vehicle locks, it is also used in residential smart locks, smartphone unlocking, commercial building control systems, laptops, smartwatches, etc.
In its blog post