The hackers said in a blog post that it “appreciates the proactive attitude and efforts” of Tesla’s security team on fixing the problems efficiently.
Advertisement
Using a laptop, the hackers also managed to open a vehicle door without using a key.
A team of hackers in China gained remote access to a Tesla Model S and manipulated systems including the brakes, The Hacker News reports.
The Keen Team’s demonstration this week, however, is the first time a Tesla has been hacked remotely.
Speaking to Reuters, Tesla said that the risk to its customers was “very low”, but it did not stop them from responding quickly.
The Keen Labs researchers said Tesla owners should keep their cars updated.
But instead of showing off the car’s vulnerabilities online, Tencent notified Tesla and the automaker has already issued a patch to address the issue.
Thankfully, the flaw was disclosed to Tesla in private and the company fixed the issue within 10 days.
The researchers were able to operate the door, dashboard screen, trunk, sunroof, lights, windshield wipers, wing mirror and chair – the latter being for any nefarious hacker wanting to make a passenger slightly more comfortable, against their will.
Chinese hackers recently proved that no Tesla vehicle is safe from hacking after they successfully took control of one Model S from 12 miles away. It also suggested that the researchers took control of the auto when it was searching for the nearest charging station.
The development comes after Mercedes R&D chief Thomas Weber told Drive that Tesla’s major “over the air” updates left the brand open to hacking.
We’ve seen a Tesla pulled out of a garage remotely via an Amazon Alexa hack in a way that Tesla intended, but there haven’t been many vulnerabilities like this exposed that could be exploited by malicious hackers.
“Following the global industry practice on “responsible disclosure” of product security vulnerabilities, we have reported the technical details of all the vulnerabilities discovered in the research to Tesla”. The driver would have to connect to a malicious WiFi hotspot, and then use the web browser.
Advertisement
Further, in keeping with its bug bounty program, Tesla plans to reward Keen Security Lab for its research.
