Spyder News
  • Home
    • Home – Layout 1
  • Review
    Sony A95K MASTER Review

    Sony A95K MASTER Review

    Netatmo CO detector

    All About Netatmo CO detector

    Sony Linkbuds S Review

    Sony Linkbuds S Review

    Yi Mirror Dash Review

    Yi Mirror Dash Review

    All About OnePlus Nord CE 2

    All About OnePlus Nord CE 2

    Galaxy Buds Pro

    Galaxy Buds Pro

  • Gaming
    How do have an active clash of clans clan?

    How do have an active clash of clans clan?

    Alienware M15 R7

    Alienware M15 R7

    MSI GS77 Stealth 2022

    MSI GS77 Stealth 2022

    Lenovo IdeaPad Gaming 3 Laptop

    Lenovo IdeaPad Gaming 3 Laptop

    Razer Blade 14

    Razer Blade 14

    Gta Vi

    Gta Vi

  • Gear
    • All
    • Audio
    • Camera
    • Laptop
    • Smartphone
    OPPO Find N

    OPPO Find N

    Redmi Note 9T Review

    Redmi Note 9T Review

    Realme Pad Min

    Realme Pad Min

    Xiaomi Mi Mix 3

    Xiaomi Mi Mix 3

    pixel 6 camera review

    pixel 6 camera review

    Huawei MateBook X Pro

    All About Huawei MateBook X Pro

    Trending Tags

    • Best iPhone 7 deals
    • Apple Watch 2
    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • iOS 10
    • iPhone 7
    • Sillicon Valley
  • Computers
    Alienware M15 R7

    Alienware M15 R7

    MSI GS77 Stealth 2022

    MSI GS77 Stealth 2022

    Lenovo IdeaPad Gaming 3 Laptop

    Lenovo IdeaPad Gaming 3 Laptop

    Razer Blade 14

    Razer Blade 14

    Fujitsu UH-X laptop review

    Fujitsu UH-X laptop review

    Company finds fraud and viruses in 92% of illegal football broadcasts on the web

    Company finds fraud and viruses in 92% of illegal football broadcasts on the web

  • Applications
    Google accidentally anticipates Mother’s Day tribute and removes Doodle from the air

    Google accidentally anticipates Mother’s Day tribute and removes Doodle from the air

    American operator Verizon announces sale of Yahoo and AOL for $ 5 billion

    American operator Verizon announces sale of Yahoo and AOL for $ 5 billion

    Microsoft finds 25 security holes in systems designed for ‘internet of things’ devices

    Microsoft finds 25 security holes in systems designed for ‘internet of things’ devices

    Experts use drone to hack Tesla car system vulnerable to Wi-Fi attack

    Experts use drone to hack Tesla car system vulnerable to Wi-Fi attack

    Glovo suffers a hack in Spain and the credentials of distributors and clients appear for sale on the Internet

    Glovo suffers a hack in Spain and the credentials of distributors and clients appear for sale on the Internet

    Telegram: these are the new features that will arrive very soon

    Telegram: these are the new features that will arrive very soon

  • Security
    The dangerous paradox that threatens the throne of the PlayStation 5

    The dangerous paradox that threatens the throne of the PlayStation 5

    YouTube’s invention so you don’t run out of mobile data

    YouTube’s invention so you don’t run out of mobile data

    European Union proposes rules for ‘high risk’ artificial intelligence

    European Union proposes rules for ‘high risk’ artificial intelligence

    U.S. senators question Apple and Google about dominance in app stores

    U.S. senators question Apple and Google about dominance in app stores

    Amazon opens UK hair salon with technology to predict the look

    Amazon opens UK hair salon with technology to predict the look

    CMS: what is it and how to use a Content Management System?

    CMS: what is it and how to use a Content Management System?

No Result
View All Result
  • Home
    • Home – Layout 1
  • Review
    Sony A95K MASTER Review

    Sony A95K MASTER Review

    Netatmo CO detector

    All About Netatmo CO detector

    Sony Linkbuds S Review

    Sony Linkbuds S Review

    Yi Mirror Dash Review

    Yi Mirror Dash Review

    All About OnePlus Nord CE 2

    All About OnePlus Nord CE 2

    Galaxy Buds Pro

    Galaxy Buds Pro

  • Gaming
    How do have an active clash of clans clan?

    How do have an active clash of clans clan?

    Alienware M15 R7

    Alienware M15 R7

    MSI GS77 Stealth 2022

    MSI GS77 Stealth 2022

    Lenovo IdeaPad Gaming 3 Laptop

    Lenovo IdeaPad Gaming 3 Laptop

    Razer Blade 14

    Razer Blade 14

    Gta Vi

    Gta Vi

  • Gear
    • All
    • Audio
    • Camera
    • Laptop
    • Smartphone
    OPPO Find N

    OPPO Find N

    Redmi Note 9T Review

    Redmi Note 9T Review

    Realme Pad Min

    Realme Pad Min

    Xiaomi Mi Mix 3

    Xiaomi Mi Mix 3

    pixel 6 camera review

    pixel 6 camera review

    Huawei MateBook X Pro

    All About Huawei MateBook X Pro

    Trending Tags

    • Best iPhone 7 deals
    • Apple Watch 2
    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • iOS 10
    • iPhone 7
    • Sillicon Valley
  • Computers
    Alienware M15 R7

    Alienware M15 R7

    MSI GS77 Stealth 2022

    MSI GS77 Stealth 2022

    Lenovo IdeaPad Gaming 3 Laptop

    Lenovo IdeaPad Gaming 3 Laptop

    Razer Blade 14

    Razer Blade 14

    Fujitsu UH-X laptop review

    Fujitsu UH-X laptop review

    Company finds fraud and viruses in 92% of illegal football broadcasts on the web

    Company finds fraud and viruses in 92% of illegal football broadcasts on the web

  • Applications
    Google accidentally anticipates Mother’s Day tribute and removes Doodle from the air

    Google accidentally anticipates Mother’s Day tribute and removes Doodle from the air

    American operator Verizon announces sale of Yahoo and AOL for $ 5 billion

    American operator Verizon announces sale of Yahoo and AOL for $ 5 billion

    Microsoft finds 25 security holes in systems designed for ‘internet of things’ devices

    Microsoft finds 25 security holes in systems designed for ‘internet of things’ devices

    Experts use drone to hack Tesla car system vulnerable to Wi-Fi attack

    Experts use drone to hack Tesla car system vulnerable to Wi-Fi attack

    Glovo suffers a hack in Spain and the credentials of distributors and clients appear for sale on the Internet

    Glovo suffers a hack in Spain and the credentials of distributors and clients appear for sale on the Internet

    Telegram: these are the new features that will arrive very soon

    Telegram: these are the new features that will arrive very soon

  • Security
    The dangerous paradox that threatens the throne of the PlayStation 5

    The dangerous paradox that threatens the throne of the PlayStation 5

    YouTube’s invention so you don’t run out of mobile data

    YouTube’s invention so you don’t run out of mobile data

    European Union proposes rules for ‘high risk’ artificial intelligence

    European Union proposes rules for ‘high risk’ artificial intelligence

    U.S. senators question Apple and Google about dominance in app stores

    U.S. senators question Apple and Google about dominance in app stores

    Amazon opens UK hair salon with technology to predict the look

    Amazon opens UK hair salon with technology to predict the look

    CMS: what is it and how to use a Content Management System?

    CMS: what is it and how to use a Content Management System?

No Result
View All Result
Spyder News
No Result
View All Result
Home Apple

Experts use drone to hack Tesla car system vulnerable to Wi-Fi attack

spydernews by spydernews
May 5, 2021
in Apple, Applications, Audio, Gear, Microsoft, Uncategorized
0
Experts use drone to hack Tesla car system vulnerable to Wi-Fi attack
473
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter

Equipment flew over the car replicating the network configured for dealerships and opened the vehicle’s doors after exploiting the vulnerability.

Two security researchers demonstrated an attack capable of taking control of Tesla’s on-board entertainment system to control vehicle functions, including air conditioning, music, doors and acceleration modes.

The demonstration featured a drone that, flying over a Tesla Model X, created a special Wi-Fi network to exploit a vulnerability and open the car doors. Although it was possible to carry out the same attack with a notebook, the simulated scenario with a drone warns of the possibility of more discrete attacks.

The problem was identified by experts Ralf-Philipp Weinmann, from Kunnamon, and Benedikt Schmotzle, from Comsecuris. The work was initially carried out for the Pwn2Own competition, which would reward researchers with a car if they encountered such an attack.

Because of the covid pandemic, this category of Pwn2Own has been canceled. The competition started to be held by videoconference and focused on other portable devices of the ‘internet of things’, such as speakers and televisions.

However, experts maintained the research and identified the loophole, which was communicated directly to Tesla. In addition to the Model X, experts say the S, 3 and Y models were also vulnerable.

The automaker released an update to correct the problem in October 2020. The demonstration of the attack, however, was only published last week by the CanSecWest security conference (you can watch the video, in English).

Since the attack gives access only to Tesla’s on-board entertainment system, it is not possible to “drive” the vehicle remotely through this flaw.

Even so, the researchers speculated that it may be possible to replace all the code responsible for the functioning of the car’s Wi-Fi. If this replacement were successful, attackers could create a permanent remote access channel on the vehicle.

Other brands and products may be vulnerable


The fault found by the experts is located in a software called “ConnMan” (short for “Connection Manager”, or “Connection Manager”). It is a component responsible for initiating and configuring network connections, such as Wi-Fi.

Experts pointed out that this code was developed by an employee of the processor manufacturer Intel, but the company denied that it is currently responsible – the project is now maintained by other groups. To get around the situation, Tesla would have decided to replace ConnMan with other equivalent software.

ConnMan is indicated for embedded systems – packages that provide an integration between hardware and software. For this reason, it is possible that other devices, and even other vehicles of other brands, are vulnerable.

The experts contacted Germany’s security incident response team to get other automakers to communicate and make the necessary adjustments. So far, it has not been confirmed whether other vehicles have already received or will have to receive an update.

Even if not all of the vulnerable devices have been fixed, an attack would still depend on finding a channel to exploit the error.

In the specific case of Tesla, parked vehicles scan the surroundings for a Wi-Fi network called “Tesla Service”, which should normally be used for maintenance procedures carried out by dealerships, for example.

However, it was possible to extract the settings and password for this network from the software installed in the vehicle. The drone prepared by the experts then replicated the Wi-Fi network “Tesla Service”, generating an automatic connection when approaching the car.

This connection is not sufficient to provide access to the Tesla’s on-board system. It is only the first stage of the attack, which depends on the breach found in ConnMan to be continued.

In other words, the maintenance network only frees the attacker from convincing the vehicle owner to connect to a malicious network, as it is possible to take advantage of this programmed behavior.

In addition, the possibility that the same attack could work over the cellular network has not been ruled out. In that case, the attacker would need to be able to create a fake mobile network or manipulate the service provider’s network.

Previous Post

Glovo suffers a hack in Spain and the credentials of distributors and clients appear for sale on the Internet

Next Post

Microsoft finds 25 security holes in systems designed for ‘internet of things’ devices

Next Post
Microsoft finds 25 security holes in systems designed for ‘internet of things’ devices

Microsoft finds 25 security holes in systems designed for 'internet of things' devices

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

sponsored posts

Seo guest posting

September 2, 2021
Applications closing on Android? See how to update that fixes the problem

Applications closing on Android? See how to update that fixes the problem

March 30, 2021

Trending.

Xiaomi Black Shark

Xiaomi Black Shark

August 16, 2022
Huawei MateBook X Pro

All About Huawei MateBook X Pro

August 17, 2022
How do have an active clash of clans clan?

How do have an active clash of clans clan?

October 3, 2022
Poco F4 GT

All About Poco F4 GT

August 9, 2022
Galaxy Tab A8 Review

Galaxy Tab A8 Review

August 16, 2022
Spyder News

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

Follow Us

Categories

  • Apple
  • Applications
  • Audio
  • Camera
  • children
  • Computers
  • Gaming
  • Gear
  • Health
  • Laptop
  • lifestyle
  • Microsoft
  • Photography
  • Review
  • Security
  • Smartphone
  • Uncategorized

Tags

Alienware M15 R7 All About OnePlus Nord CE 2 ASUS ROG Flow Z13 Chuwi HiPad Cubot Quest Lite Review Doogee S96 Pro Galaxy Buds Pro Galaxy S21 Plus Galaxy Tab A8 Review gaming laptop Honor Magic4 Pro Review HP Envy 15 Review Huawei Honor 8X Huawei MateBook X Pro laptop Lenovo IdeaPad Gaming 3 Lenovo IdeaPad Gaming 3 Laptop Meizu X8 Review Moto Razr 5G MSI GS77 MSI GS77 Stealth 2022 Netatmo CO detector Nubia RedMagic 6 OPPO Find N pixel 6 camera review Poco F4 GT Razer Blade Razer Blade 14 Realme 9 Pro Plus realme 9i side Realme GT 2 Pro Realme Pad Min Redmi Note 9T Review Reiview review smartphone Sonos Ray Review Sony A95K MASTER Review Sony Linkbuds S Review Xiaomi Black Shark Xiaomi Mi 8 Pro Xiaomi Mi Mix 3 Xiaomi TV F2 Review Yi Mirror Dash Review ZTE Axon 20 5G
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 JNews - Premium WordPress news & magazine theme by Jegtheme.

No Result
View All Result
  • Home
  • Review
  • Apple
  • Applications
  • Computers
  • Gaming
  • Gear
    • Audio
    • Camera
    • Smartphone
  • Microsoft
  • Photography
  • Security

© 2023 JNews - Premium WordPress news & magazine theme by Jegtheme.