UK cybersecurity research firm NCC Group has revealed a weakness in Bluetooth Low Energy technology that potentially leaves millions of locks vulnerable — including those on your Tesla or home.
NCC Group senior security consultant Sultan Qasim Khan detailed the attack method.
Khan hacked the BLE identification of Tesla Phone-as-a-Key entry system and Kwikset/Weiser residential smart locks using what is known as a “relay attack,” which uses two hardware devices — one near the BLE’s recognized device, the other near the lock it controls — to trick the lock into thinking its owner is nearby.
By placing one relay device within 15 yards of a Tesla owner’s phone or fob, and another in his laptop near the car, Khan was able to “relay” the BLE identification from the owner’s device to his own, hijacking the ride in an example for Bloomberg News.