Car Hacking Research: Remote Attack Tesla Motors by Keen Security Lab



With several months of in-depth research on Tesla Cars, we have discovered multiple security vulnerabilities and successfully implemented remote, aka none physical contact, control on Tesla Model S in both Parking and Driving Mode. It is worth to note that we used an unmodified car with latest firmware to demonstrate the attack.

Following the global industry practice on “responsible disclosure” of product security vulnerabilities, we have reported the technical details of all the vulnerabilities discovered in the research to Tesla. The vulnerabilities have been confirmed by Tesla Product Security Team.

Keen Security Lab appreciates the proactive attitude and efforts of Tesla Security Team, leading by Chris Evans, on responding our vulnerability report and taking actions to fix the issues efficiently. Keen Security Lab is coordinating with Tesla on issue fixing to ensure the driving safety of Tesla users.

As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars. We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected. Keen Security Lab would like to send out this reminder to all Tesla car owners:

PLEASE DO UPDATE THE FIRMWARE OF YOUR TESLA CAR TO THE LATEST VERSION TO ENSURE THAT THE ISSUES ARE FIXED AND AVOID POTENTIAL DRIVING SAFETY RISKS.

This video demonstrates the impact of our remote attack vector. REMINDER: WHAT YOU ARE ABOUT TO SEE IN THIS VIDEO ARE PERFORMED BY PROFESSIONAL RESEARCHERS, DO NOT TRY THIS AT HOME.

source

47 thoughts on “Car Hacking Research: Remote Attack Tesla Motors by Keen Security Lab

  1. Jackpro Killer September 27, 2017 at 10:28 am

    Keen lab If you don’t realise jailbreak I will unsubscribe you forever with my 70 account

  2. Constant Throwing September 27, 2017 at 10:28 am

    I enjoyed this video, but you could do with some better editing.

    Contact me through messages if you want to work something out.

  3. lIlIlIlIlI lIlIlIlIlI September 27, 2017 at 10:28 am

    How come half the asians i know supports Man U

  4. Tim Cena September 27, 2017 at 10:28 am

    Those computer scientists should be recruited at Tesla since they are showing them the weak points that need to be improved!

  5. Ken Ben September 27, 2017 at 10:28 am

    What the actual fuck? Guys, there exists shit for brains and they're here again parroting in the comments! A mundane comment about the sunroof in the rain! And these are literal shit for brains NOT the cool real life parrots lmfao stupider than an IRS Robocall spam AI from India, that's shit for brains parroting for you. Stay safe kiddos, oh and don't worry he it the rain parrot bee bops spam boys

  6. Johny 69 September 27, 2017 at 10:28 am

    can you actually drive tesla remotly? like in fast and furious 8 😀

  7. Bob Hope September 27, 2017 at 10:28 am

    If you like the idea of a self-driving vehicle you haven't considered the implications, if you are against the idea you will be forced to buy one anyway. If you cannot afford the autonomous vehicle then all the new mass transit/bicycle lanes are planned for you. Solution, problem, reaction.

  8. PJ Zizzle September 27, 2017 at 10:28 am

    And this is why I drive a car from 1968 try hacking that.

  9. Aley 20 September 27, 2017 at 10:28 am

    ching chong Ding dong ching ching ping ping

  10. Cyan Zeng September 27, 2017 at 10:28 am

    厉害了我的基!!!!

  11. Grey Tiger September 27, 2017 at 10:28 am

    How do we know it is not custom firmware and actually hacking the system?

  12. ddavel5441 September 27, 2017 at 10:28 am

    Tesla is gonna have to build a better ….firewall.

  13. Maccrdon September 27, 2017 at 10:28 am

    upload more vids this was awesome!

  14. Edward Joung September 27, 2017 at 10:28 am

    um…. I am now second guessing whether or not I should invest in a Tesla… I'd rather reverse engineer the car and get rid of all the crap that causes security flaws.

  15. randotaf September 27, 2017 at 10:28 am

    Keenstar

  16. test two September 27, 2017 at 10:28 am

    Knowing how the chinese operate, I wouldn't be surprised if this was faked. Even thought I know it has been down before these two noobs.

  17. Your rapper's favourite rapper September 27, 2017 at 10:28 am

    Do NOT fuck with these two researchers! xD Hacking anybody in the blink of an eye xDDDD

  18. ICommandoI September 27, 2017 at 10:28 am

    One way for police to stop criminals. Apply the brakes remotely. But I knew this was going to happen as soon as you start "Connecting" cars, the connection can always be hacked. Where there is a will, there is a way.

  19. DMT September 27, 2017 at 10:28 am

    This should be better secured than an iPhone.

  20. davetileguy September 27, 2017 at 10:28 am

    Asian driverless car, double whammy!!!

  21. brown bobby September 27, 2017 at 10:28 am

    we should ban Tesla on the road

  22. kaidaten38 September 27, 2017 at 10:28 am

    fake hackers. I bet this car is an autobot.

  23. Clément Sony September 27, 2017 at 10:28 am

    Ils ont simplement installés eux-mêmes les circuits bluetooth relié aux fonctionnalités …

  24. mou September 27, 2017 at 10:28 am

    donald trump

  25. IronTomahawk September 27, 2017 at 10:28 am

    Good job guys … the implications are quite terrifying. Think about the "accidents" of the past where important persons died in their cars ….

  26. 96Delta September 27, 2017 at 10:28 am

    My guess is that by querying for a charging station they opened the door by transmitting the unique vehicle ID which was intercepted. The wireless communication is the initial weak point in this chain.

  27. J Lee September 27, 2017 at 10:28 am

    A hacked Tesla on a public road is probably as dangerous as a drunk driver, if not more.

  28. James Wang September 27, 2017 at 10:28 am

    We Chinese people will do anything to get our blue sky back, without killing our economic growth with carbon taxes. This starts with giving our support to all electric car companies in every possible way.

  29. Simple Sec September 27, 2017 at 10:28 am

    When you know Tesla is going to rain so much money on you, that you don't care about rain on your laptop 2:53

  30. CompSciGuyIT September 27, 2017 at 10:28 am

    Well done guys. Great job.

  31. Ray Volt September 27, 2017 at 10:28 am

    We must keep in mind that it is IMPOSSIBLE to have a 100% reliable security because everything is computer and everything that a computer program is also possible to deprogram! If in the future our means of transport are moving on their own, be sure that the hack will be frequent.
    We tend to forget that the man program, man can also hack. The machines are just machines created by men

  32. Ray Volt September 27, 2017 at 10:28 am

    beautiful work fine, so great demonstration of this Chinese guys. They are really very strong this Chineses.
    What is now the point? Well it's simple, it demonstrates and it proves that Tesla is not a safe car to 100% and it is very far from being 100% secure. It opens the door to other possibilities hack. Tesla put a beautiful patch to correct their flaws but it remains they will put as beautiful patch they want it will always be possible to hack the Tesla. Many people forget that everything IT is possible to hack. The 100% security does not exist and will not exist in IT NEVER. We must not forget that all that is computer, everything computers are only codes, combinations of numbers (1010101010) … combinations of programs, lines of code, commands, etc.

  33. Holly Wood September 27, 2017 at 10:28 am

    A SMART CAR IS A STUPID CAR.

  34. Vaio San September 27, 2017 at 10:28 am

    Reminds me James Bond 007 remote controlled car ! 😉

  35. Bogdan Gavrilescu September 27, 2017 at 10:28 am

    They are asians, this must be true.

  36. Jaire Fernández September 27, 2017 at 10:28 am

    Nice job

  37. Noel Nunez September 27, 2017 at 10:28 am

    Thank god they did this, now tesla could fix the flow

  38. lizadonrex September 27, 2017 at 10:28 am

    Tesla need a standalone mode for security

  39. John September 27, 2017 at 10:28 am

    How did they get remote access to the CAN BUS? 12 miles is impressive if legit. My best guess it that they were able to hack the WiFi and gain access to the cars LAN.

  40. Skyy Alexander September 27, 2017 at 10:28 am

    One of many reasons I will never purchase a vehicle like this. Technology may be the way of the future, but it will be a cold day in hell before I allow a fully computer controlled electric car into my stables. Petrol for me please, thank you!

  41. roki977 September 27, 2017 at 10:28 am

    So now you have to wait for updates even with cars, no thanks..

  42. Carlos Malave September 27, 2017 at 10:28 am

    As car manufacturers make their products more connected; these software issues will arise. These white hat hackers let Teslamotors know about these vulnerabilities. Already, a free over-the-air software update was sent to ALL North American Teslas and globally over the next weeks.

  43. caseywalls00 September 27, 2017 at 10:28 am

    this is why I drive a 79 Oldsmobile cutlass supreme with no electronic stuff to go haywire, pure analog with an built chevy 350 and th350 trans .

  44. fil kan September 27, 2017 at 10:28 am

    no surprise as first military drones used by US army in Iraq were easy to hack by guerilla using laptop with a gsm phone. The killing machines worked on open source software.

  45. Mark Brand September 27, 2017 at 10:28 am

    All in all it's pretty cool. I've wanted to see a hacked Tesla for a while now.

  46. Mark Brand September 27, 2017 at 10:28 am

    Oooh experts at driving with the trunk open.

  47. Mark Brand September 27, 2017 at 10:28 am

    I love how they feel the need to tell us they did all these things "very safely". I was worried those windshield wipers would cause a crash!!!! Whew.

Leave a Reply