Promon hackers have recently demonstrated that the Tesla Motors Inc (NASDAQ:TSLA) Tesla Model S can be remotely stolen by hacking its companion Alphabet Inc (NASDAQ:GOOGL) Google Android smartphone app.
Compromising the App
The app provides a convenient experience for users. It is used primarily to locate Tesla Motors vehicles, check battery status, adjust climate control settings, and many more— remotely. However, the hackers have proven that this remote access can also expose the users to theft.
As shown by the hackers, the app can be compromised by leveraging the vulnerabilities of its internet connectivity. They can easily locate Tesla Motors vehicles, and unlock and drive them remotely without sending off alarms. Users only become aware once they check back and see that their vehicles are gone or once they check the location of their vehicles using the app.
The hackers only need to prompt users into downloading a malicious app on their smartphones through an unsecure WiFi network. They lure users by offering a free burger once they download it. As a result, the hackers obtain access to the smartphones and most importantly— Tesla passwords.
An Interconnected Devices Problem
Both Promon and Tesla Motors say that the hack is neither specific nor limited to Tesla Motors as an electric vehicle (EV) manufacturer. Generally, smartphones with poor security features are all that hackers need to compromise user data. As for Promon’s latest demonstration, it just so happens that the Tesla Model S is deeply interconnected with a smartphone app, leading to the possibility of car theft.
“The researchers showed that known social engineering techniques could be employed to trick people into installing malware on their Android devices, compromising their entire phone and all apps, which also includes their Tesla app,” reiterated Tesla Motors.
In line with this, the carmaker strongly urges users to always keep their smartphone operating systems (OS) updated in order to prevent increased exposure to security vulnerabilities.
Tom Lysemose Hansen, Promon Chief Technology Officer (CTO), has noted that carmakers such as Tesla Motors must also improve the security features of their respective offerings especially at a time when everything is going digital.
Tesla Motors has closed at $196.65, up by 1.82%, on Friday. Meanwhile, Alphabet has closed at $780.23, up by 0.16%.