Tesla Cars Hackable – Protected by 6 character Password

Wednesday, April 02, 2014

Dan Dieterle


The high tech Tesla electric car that received 5 stars in safety apparently could be hacked by cracking a 6 character password.

Black Hat Asia presenter and security researcher Nitesh Dhanjani explained last week that the car could be locked and unlocked by cracking a short password.

Tesla users must use an online account with which they can access the car via smartphone app.

Dhanjani found that the online account was susceptible to a brute force password attack that could allow a hacker access to the account. The hacker could then lock and unlock the car remotely, or even track and monitor the vehicle.

Vehicles are becoming more and more computerized and new ways to take advantage of this is being added with each new model. And as several hackers have found over the last few years, securing these features is not always top on the list.

“We cannot be protecting our cars in the way we protected our (computer) workstations, and failed,” Dhanjani said last week.

Tesla has been notified of the issues and have already made changes to the online accounts to make them more secure.

This was cross-posted from the Cyber Arms blog. 

General PDAs/Smart Phones
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.