Cybersecurity researchers managed to hack Tesla with the help of a drone
Hacking a car from the skies may sound futuristic or like science fiction, but it's not. The researchers have shown that it is possible and that connected car systems are vulnerable.
This is not the first time that cybersecurity researchers have hacked a Tesla vehicle.
In 2020, security experts at McAfee showed off a hacking stunt by pushing a Tesla with autonomous driving up to 85 MPH in a below-40 MPH zone. The same year, a team from KU Leuven University's Computer Security and Industrial Cryptography (COSIC) group hacked and stole a Tesla car within two minutes by targeting Bluetooth. They used equipment worth just $200-$300.
Lennert Wouters, a cybersecurity researcher at KU Leuven, revealed how he found some technical vulnerabilities in the Tesla Model X and its keyless entry system. According to Lennert, the hack was possible for anyone who manages to read the vehicle's identification number, which is usually visible and not that difficult to obtain.
According to Lennert, the hardware he used cost less than $300, could fit inside any backpack, and was controlled by a phone connected to it. It took a hacker no more than 2 minutes to extract a radio code that unlocks the Model X. The story doesn't end here: once inside, the hacker could pair his own key fob with the victim's car and drive the car away.
“Two vulnerabilities allow a thief or hacker to steal Tesla’s Model X in no time,” says Wouters, who presented his findings at the Real World Crypto conference in January. “When you combine those vulnerabilities, you get a much more powerful attack.”
A vulnerability was found in the Tesla vehicle. A team of cybersecurity researchers looking for loopholes in Tesla's systems, with the aim of improving them, was able to hack one of its cars using a drone flying above the car and a Wi-Fi dongle.
The flaw could give a hacker complete control over the vehicle, allowing almost anything a driver can do apart from starting it.
The experts note that the flaw is not limited to Tesla cars: a large number of similar vehicles on the road have the same vulnerability and could be hacked as well.
According to the researchers, the bugs behind these hacks were fixed last year. Still, the expert hackers Ralf-Philipp Weinmann, CEO of Kunnamon, and Benedikt Schmotzle of Comsecuris showed their skills at the CanSecWest conference.
They managed to hack the car without any interaction with anyone in it. That would have been valuable for thieves, who could have taken advantage of parked cars and controlled their infotainment systems through Wi-Fi. Using this type of attack a person can
Wi-Fi vs WLAN:
Wireless fidelity (Wi-Fi) and wireless local area network (WLAN) are similar: both mean a system that can transfer data wirelessly at high speed. Devices that access the internet through a Wi-Fi hotspot can also be shown.
The vehicles run Linux, and a program called ConnMan handles network configuration on them. Weinmann and Schmotzle, from Germany, fuzzed ConnMan with the American Fuzzy Lop (AFL) fuzzing software to look for security gaps in its processing of DNS requests and quickly found what they were looking for.
How It Works:
The Tesla drone exploit combines a stack buffer overflow when processing DNS requests (CVE-2021-26675) with a loophole in the DHCP stack (CVE-2021-26676) that allows parts of the memory to be read. Together they make it possible to execute malicious code on the vehicles.
The attack could have been more powerful, because it was possible to gain full control over the embedded Linux system and then connect to other vulnerable Tesla vehicles via WLAN and control them.
The loopholes in ConnMan have been fixed in the new version, 1.39. According to the researchers, other auto companies use the same software in their vehicles and may still have the same flaws; they were notified through CERT-Bund in January.
The new version of ConnMan has already been released, but it is still not clear how many automakers have included it in their vehicles' software. Tesla, however, fixed these errors in October 2020.
It was an emulator:
The researchers didn't need a real vehicle to analyze the flaws and develop the exploit. They used emulator software called Kunnaemu.
Details of some vulnerabilities of Kunnaemu were described in a technical research paper. The results were also presented in a lecture at the CanSecWest IT security conference, held online due to the COVID-19 pandemic.
Electric cars may well keep getting hacked in the future, but researchers will be there to find those loopholes, as they did this time while hacking a Tesla. Electric car giants like Tesla will continue their research to make their cars safer and more trustworthy for customers.