San Francisco, Sep 13 (IANS) A cyber security researcher has discovered a sophisticated relay attack that can allow someone with physical access to a Tesla Model Y to unlock and steal it in a jiffy.
Tesla claims that this security issue is mitigated with the “PIN to Drive” feature, which would still allow attackers to open and access the car, but would not allow them to drive it.
Josep Pi Rodriguez, principal security consultant for independent computer security services firm IOActive, said that this feature is optional, and Tesla owners who are not aware of these issues may not be using it.
IOActive contacted Tesla about this issue in the Model Y and believes that Tesla is well aware of this issue in other models.
“However, we have made several attempts to contact them and let them know that the same issue exists in the Model Y, with no response,” said Rodriguez in a paper.
According to the researcher, attackers can steal a Tesla Model Y as long as they can position themselves within about two inches of the owner’s NFC card or mobile phone with a Tesla virtual key on it, reports The Verge.
“There are several ways Tesla could fix or mitigate this issue, although they may require hardware changes,” Rodriguez added.
Earlier this year, another researcher found a way to start a Tesla car with an unauthorised virtual key.
In 2020, a group of Belgian cyber security researchers discovered major security flaws in the keyless entry system of the Tesla Model X, demonstrating how the battery-powered Tesla Model X priced at over $100,000 can be stolen in a few minutes.
(Except for the headline, the rest of this IANS article is un-edited)
For more technology news, product reviews, sci-tech features and updates, keep reading Digit.in
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
