Last year, Tesla released an update that made it easier to get cars started after unlocking with NFC key cards.
Hackers have shown how you can use this feature for your own purposes. Martin Harfurt, a safety researcher in Austria, noticed a strange feature: this feature not only allows an electric car to turn on automatically in 130 seconds, but also puts the car in a position that allows it to receive new keys.
That is, at this interval, anyone can connect their own key with Tesla. The official Tesla app does not allow keys to be registered unless linked to the owner’s account, but Harfurt noticed that the vehicle communicates VCSec messages with any nearby Bluetooth Low Energy or BLE device.
He created his own Teslakee application using the same algorithm as the official program. This allows you to lock any Tesla key in 130 seconds. In this case, the electric car will not even notice the replacement.
Harfurt has tested performance with the Tesla Model 3 and Y, but he is sure that this problem affects all models in general. Elon Musk and Tesla did not respond to requests for comment.