March 7, 2024 at 02:49PM
The Flipper Zero device, when used in a phishing attack, can compromise Tesla accounts and enable attackers to unlock and start cars. By creating a fake “Tesla Guest” WiFi network, the attacker tricks victims into inputting their Tesla account credentials, enabling them to add a new Phone Key and take control of the vehicle. Researchers advise implementing additional authentication measures. Tesla has not responded to inquiries about implementing security updates.
The meeting notes outline a significant security vulnerability in Tesla’s systems, as reported by security researchers Talal Haj Bakry and Tommy Mysk. They detailed a phishing attack using a Flipper Zero device, which could compromise Tesla accounts, unlock cars, and start them. The attack specifically targets the latest Tesla app version 4.30.6 and Tesla software version 11.1 2024.2.7.
The phishing attack is executed by deploying a spoofed WiFi network, posing as “Tesla Guest,” commonly found at Tesla service centers. Once a victim connects to the fake network, they are presented with a fake Tesla login page that captures their credentials in real time. With this stolen information, an attacker can bypass two-factor authentication and gain access to the victim’s Tesla account, allowing them to add a new ‘Phone Key’ and ultimately unlock and drive the car like the owner. Notably, the researchers brought to light that adding a new Phone Key does not prompt the need for a physical Tesla Card Key, rendering it a significant security gap.
The security researchers explicitly suggested that requiring a physical Tesla Card Key when adding a new Phone Key could enhance security by introducing an additional authentication layer for the new phone. However, Tesla responded by asserting that their investigation determined this behavior to be intentional and emphasized that the Tesla Model 3 owner’s manual does not specify the need for a key card when adding a phone key.
It’s also mentioned that BleepingComputer has contacted Tesla to inquire about potential OTA updates introducing security measures to mitigate these vulnerabilities, but a response from Tesla is pending.
These meeting notes highlight a critical security concern that requires immediate attention and remediation to safeguard Tesla’s systems and the security of its customers.