Watch Thieves Steal Tesla Model S by Hacking Its Keyless Entry System
The duo also disabled the remote access feature on the car, which prevents it from being tracked.
A pair of thieves in Essex, England recently made off with a Tesla Model S after hacking its high-tech keyless entry system, and the entire ordeal was caught on the owner's security cameras.
Using a method called "relay attack," the dubious task exploited a weakness in the vehicle's Passive Keyless Entry (PKE) system. Unlike Remote Keyless Entry (RKE), PKE allows for a bit more convenience for the sake of security by unlocking the vehicle as someone with the key approaches the car. This attack has been well known for some time and can be executed with as little as $20 in parts.
The first thief can first be seen walking around the house looking for the Tesla's fob, as the device in his hand will pick up the fob's signal and communicate it to another unit carried by the second thief. The ultimate goal is to locate the signal and extend its usable range via an artificial bridge, which will then boost the request to the vehicle's transponder. When the thief reaches a close enough proximity to where the fob is kept inside the home, the Tesla will unlock and start—as it did on the video.
As the popularity of this modus operandi has increased, Tesla has taken note and enabled a feature called "PIN to drive". This enables owners to require a PIN (in addition to a key fob or authenticated phone in the case of the Model 3) before actually driving off with the vehicle. According to the description of the YouTube video, this owner did not have the PIN to drive function enabled on his car, allowing the thieves to drive away once they gained entry.
The bandits perceivably did their research before nabbing the Tesla as well. According to the video's description, a feature that enables remote access to the vehicle was disabled prior to taking the car, which means that neither Tesla nor the owner of the vehicle are able to track its whereabouts. Fortunately, the car can be tracked if it uses the Supercharger network. Although nearly every single stolen Tesla has been recovered thanks to the vehicle's always-on connectivity, as more nefarious players become aware of how to disable the modern conveniences and securities, the gap between stolen and recovered cars may widen over time.
Ensuring that a key is stored in a Faraday cage could help to prevent the theft of one's car, or at least prevent them from becoming a repeat victim. For Tesla owners, enabling the company's PIN to drive can even further facilitate the car's safety.