'White hat hackers' carjacked a Tesla using cheap, legal hardware — exposing major security flaws in the vehicle

Digital keys have become a common and convenient way of unlocking electric vehicles (EVs) — but security researchers have demonstrated how criminals can take advantage of this.

Cybersecurity researchers Tommy Mysk and Talal Haj Bakry, who work for tech firm Mysk, have discovered an exploit that lets cybercriminals access Tesla accounts to generate a "digital key" before unlocking a victim's car and driving away. They detailed their findings in a YouTube presentation on March 7.

They achieved the hack — unlocking the door of a Tesla Model 3 — despite the account being protected by two-factor authentication (2FA). This is an extra layer of protection that asks for a code before logging in — which they bypassed. 

They simply needed a small Flipper Zero device and a Wi-Fi development board —  both of which can be bought online. 

The Flipper Zero device, which costs just $169, is akin to a "Swiss army knife" for security researchers. It lets them read, copy and emulate radio-frequency and near-field communication (NFC) tags, radio remotes, digital access keys and other signals. It's legal in the U.S. although Canada has just brought forward measures to ban it. 

The researchers used a Flipper Zero alongside the Wi-Fi development board to generate and broadcast a fake Tesla login page, before duping a victim into sharing their login credentials. 

How does the hack work?

The researchers conducted this exploitation through a public Wi-Fi network named “Tesla Guest," just like the ones used at Tesla servicing centers.