Lennert Wouters, a security researcher at Belgian university KU Leuven, today revealed a collection of security vulnerabilities he found in both Tesla Model X cars and their keyless entry fobs. He discovered that those combined vulnerabilities could be exploited by any car thief who manages to read a car’s vehicle identification number—usually visible on a car’s dashboard through the windshield—and also come within roughly 15 feet of the victim’s key fob.
The hardware kit necessary to pull off the heist cost Wouters around $300, fits inside a backpack, and is controlled from the thief’s phone. In just 90 seconds, the hardware can extract a radio code that unlocks the owner’s Model X. Once the car thief is inside, a second, distinct vulnerability Wouters found would allow the thief to pair their own key fob with the victim’s vehicle after a minute’s work and drive the car away.
Read the full article at Wired