As of: March 13, 2024, 6:30 a.m
Comments
Press
Split
Two security researchers have uncovered a supposed security vulnerability at Tesla.
Anyone who steals Tesla drivers' passwords can take the entire car with them.
A hacker attack can have dire consequences: at the beginning of 2023, for example, criminals hijacked the entire YouTube channel of Dortmund tuner Jean Pierre “JP” Kraemer.
But vehicles are also often hacked: for example, to illegally unlock additional features of the car.
Now two security researchers have uncovered an alleged security gap at the US electric car manufacturer Tesla.
The new WhatsApp channel from 24auto.de is here!
Current news, useful tips & tricks as well as strange stories from the internet about cars can be found on our Whatsapp channel: Click here to go directly to
Automania
.
WiFi network of Supercharger charging parks: Tesla owners should be careful here
Tesla drivers should be careful when logging into the Wi-Fi network at Supercharger charging parks.
Even with the simplest means, criminals could steal the vehicle passwords and ultimately the entire car.
The IT security researchers Tommy Mysk and Talal Haj Bakry have now explained how this works in a YouTube video (can be found below) and in their own blog.
Using a simple hardware tool, they say they set up a fake “Tesla Guest” WiFi network with a matching website next to a charging station.
The US car manufacturer provides its customers with free internet for their mobile phones at many locations in order to shorten the waiting time while charging.
Fake WiFi network at Tesla charging stations: Criminals can access data
If someone accidentally logs into the fake network with their access data, criminals can read them and gain access to the vehicle user's smartphone app.
This so-called “phishing” is known from online banking apps, among other things.
According to two security researchers, you should be very careful when logging into the Wi-Fi network at Supercharger charging parks.
(Symbolic image) © Jochen Tack/Imago
You can find even more exciting car topics in the free newsletter from our partner 24auto.de
My news
“Give him a medal”: Citizens park speed cameras – and are celebrated online read
White arrows on a no-parking sign: What is the meaning behind them? read
Huge recall from BMW: 250,000 “Youngtimers” have to go to the workshop because of airbag problems
E-cars are no longer automatically climate-neutral: Is the combustion engine selection overturned?
Who has the right of way when there are three cars at an intersection: Check your traffic knowledge reading
Driving winter tires in summer: Three good reasons against reading
The hacked app not only allows Tesla to permanently track the vehicle's location, but also, according to Mysk, to create a digital vehicle key.
Anyone who owns it can open and start the car at any time.
Some time ago, a researcher also discovered a hack using NFC on Tesla's Model Y.
According to security researchers, Tesla sees no reason to act
The security researchers reported the vulnerability to Tesla, but they saw no reason to take action, as Mysk explains in the video.
So-called phishing and social engineering attacks are also not part of Tesla's “bug bounty” program, which financially rewards the discovery and reporting of vulnerabilities.
(Holger Holzer/SP-X)