DonTom
Well-known member
"Researchers find a clever way to hack into and steal your Tesla"
And now they tell the entire world how to do it.
-Don- Reno, NV
Do not let your Tesla ripped-off this way!
- Thread starter DonTom
- Start date
The friendliest place on the web for anyone with an RV or an interest in RVing!
If you have answers, please help by responding to the unanswered posts.
If you have answers, please help by responding to the unanswered posts.
And now they tell the entire world how to do it.
-Don- Reno, NV
OldWEB
Well-known member
Had not heard about it til now as they did not tell the whole world, YOU passed it on to me and I am sure others too.
OP
OP
DonTom
Well-known member
Simple fix. Just do not log in to the Tesla site, I never have to charge my Tesla at a Supercharger. I just plugin and walkaway. Nothing to hack into that way.
However, for now, to log into a Tesla Supercharger with a non-Tesla at a Magic Dock (such as with my Enegica motorcycles) I have to login to my Tesla account. But there is no way to rip off my motorcycle with the keyfob in my pocket.
-Don- Reno, NV
The Ransom of Red Chief comes to mind.
John From Detroit
Well-known member
That is an old trick been used to steal many people's information.
You go to say McDonalds and log into the Free-Wi-fi.. Well at one time McD had both Free (very limited) and unlimited higher speed that needed log in (AT&T) and the scammer/hacker would set up a Wi-Fi node that looked like McD's but.. guess what.
Or ______ instead of McD's I've seen a couple sites where that happened. thankfully it's easy to "De-Virus" a chromebook. takes about 2 or 3 minutes.... (I only use chromebooks in untrusted nodes) Plus most Vindows malware just makes a chroebook cough (reset constantly) you snek in and POWERWASH and it's literally new again.
You go to say McDonalds and log into the Free-Wi-fi.. Well at one time McD had both Free (very limited) and unlimited higher speed that needed log in (AT&T) and the scammer/hacker would set up a Wi-Fi node that looked like McD's but.. guess what.
Or ______ instead of McD's I've seen a couple sites where that happened. thankfully it's easy to "De-Virus" a chromebook. takes about 2 or 3 minutes.... (I only use chromebooks in untrusted nodes) Plus most Vindows malware just makes a chroebook cough (reset constantly) you snek in and POWERWASH and it's literally new again.
DutchmenSport
Well-known member
Why should this surprise anyone? Ever since the internet went public and, especially when wifi became free access, the public has been warned over and over and over again about hacking and identity theft of personal information.
This is why I NEVER use open wifi services anywhere!
Again.... be careful what you ask for, you just might get it!
This is why I NEVER use open wifi services anywhere!
Again.... be careful what you ask for, you just might get it!
OP
OP
DonTom
Well-known member
I do not use any of the free Wi-fis. I always use my Version Hotspot without even checking to see if there is a free wi-fi. I have the unlimited service on my Hotspot anyway.
-Don- Reno, NV
OP
OP
DonTom
Well-known member
It surprised me because it's rather stupid to rip-off a Tesla.
On the APP we can always see where it is located and call 9-1-1 and let the cops know where it is as while it is in route (or stopped, parked, shut off and locked up or whatever) as I am honking it's horn nonstop from the app.
Who would be stupid enough to rip-off a Tesla? It's like asking to get busted ASAP.
-Don- Reno, NV
Arch Hoagland
Well-known member
Onyrief said "The Ransom of Red Chief comes to mind."
That was one of the best books I ever read.
That was one of the best books I ever read.
Skookum
Well-known member
- Joined
- Dec 19, 2018
- Posts
- 3,769
Similar but different, lots of cars are being ripped off using relay attacks on key fobs.
You park, get out, lock the car using your spiffy remote either by pressing the button or walking away with the fob in your pocket. What you don't know is that there's a device in range listening to the RFID signal your fob is giving off and clones it. Now there's an electronic copy of the key which the thief can use to steal your car when you walk away, without even breaking in or having possession of a physical key fob.
You park, get out, lock the car using your spiffy remote either by pressing the button or walking away with the fob in your pocket. What you don't know is that there's a device in range listening to the RFID signal your fob is giving off and clones it. Now there's an electronic copy of the key which the thief can use to steal your car when you walk away, without even breaking in or having possession of a physical key fob.
OP
OP
DonTom
Well-known member
That makes no sense. Send out the EXACT same code you recorded, and it will definitely NOT work. Not even a thin chance of it working with a modern car FOB.
Rolling Code Technology.
-Don- Reno, NV
John From Detroit
Well-known member
True story.. When I was working I got a BOL (Be on lookout, what the TV shows call an "All Points Bulletin" but BOL's are regional. not all points (Every agency in the country and several that are outside the USA like Windsor PD and Niagara Falls Canada) on a stolen brand new Caddilac Escalade.. I sent the engering agency a phone number I still remember and 15 minutes later sent troopers to recover the ride.
Skookum
Well-known member
- Joined
- Dec 19, 2018
- Posts
- 3,769
This describes how it's done. It's very real. And the distance needed to pick up the signal can be farther with other types of RFID key systems.
Tesla vehicles can be stolen with new relay attack, but there's a two-inch caveat
A new relay attack has demonstrated that Tesla vehicles can be stolen with a quick hack, but there's a caveat.
electrek.co
There’s a new form of keyless car theft that works in under 2 minutes
As car owners grow hip to one form of theft, crooks are turning to new ones.
OP
OP
DonTom
Well-known member
My bad, I was thinking FOB when you did day "RFID" which is a card. Works a lot differently than a FOB.
I have the Tesla Fob, Cards, rings, and it can also be opened with the app. running close to the car. Many ways to unlock a Tesla. But it's still stupid to rip one off because on the Tesla APP I can see its location as I honk its horn and call 9-1-1.
-Don- Reno, NV
Skookum
Well-known member
- Joined
- Dec 19, 2018
- Posts
- 3,769
The key fob gives off an RFID signal. So does your ring, Tesla card, and your phone either uses RFID and/or Bluetooth.
OP
OP
DonTom
Well-known member
Never used it. If I have my Smartphone with me (but I usually leave it in the car and off when I am gone which is not all that wise) I think I would rather get my entertainment for the day to get the thief busted while in route.
-Don- Reno, NV
OP
OP
DonTom
Well-known member
But only the FOB uses the rolling codes. Cannot copy the FOB code but can copy a card as well as the other stuff.
-Don- Reno, NV
Skookum
Well-known member
- Joined
- Dec 19, 2018
- Posts
- 3,769
Correct. Like when you press the "lock" button from 25 feet away. Rolling code in that instance prevents a replay attack. Not the same as grabbing the NFC signal from the fob/key/ring/whatever and conducting a relay attack.
OP
OP
DonTom
Well-known member
But I must take back what I said
.I just reread your post and you said:
" the RFID signal your fob is giving off and clones it."
That is not possible.
So that was just one of the many times I thought I was wrong about being right, but I was really right to begin with.
-Don- Reno, NV
