¡¡¡Tesla hackeado!!!

El equipo chino Keen Security Lab, creado en enero de 2016 con el fin de detectar posibles fallos o debilidades en los sistemas informáticos de todo tipo, tanto teléfono móvil como todo tipo de ordenadores, ha detectado fallos de seguridad en los hardware de los automóviles Tesla. El trabajo que realiza este equipo es es sumamente importante ante la gran informatización de la sociedad, y más todavía, ante la creciente entrada en el mercado de vehículos totalmente autónomos, o sea que se mueven sin conductor, tanto en el agua como en carretera, tanto barcos como ferries, automóviles y microbuses, y lo que falta por venir.

Este equipo de expertos ha demostrado que los automóviles de la marca Tesla actualmente son vulnerables a posibles controles desde manos ajenos. Ya han sido informados los responsables de seguridad de Tesla y ya se están actualizando sus hardware.

¡El equipo hace un llamamiento a todos los proprietarios de un Tesla que actualicen el firmware que viene de fábrica de su automóvil!


by Keen Security Lab of Tencent

With several months of in-depth research on Tesla Cars, we have discovered multiple security vulnerabilities and successfully implemented remote, aka none physical contact, control on Tesla Model S in both Parking and Driving Mode. It is worth to note that we used an unmodified car with latest firmware to demonstrate the attack.

Following the global industry practice on “responsible disclosure” of product security vulnerabilities, we have reported the technical details of all the vulnerabilities discovered in the research to Tesla. The vulnerabilities have been confirmed by Tesla Product Security Team.

Keen Security Lab appreciates the proactive attitude and efforts of Tesla Security Team, leading by Chris Evans, on responding our vulnerability report and taking actions to fix the issues efficiently. Keen Security Lab is coordinating with Tesla on issue fixing to ensure the driving safety of Tesla users.

As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars. We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected. Keen Security Lab would like to send out this reminder to all Tesla car owners:

PLEASE DO UPDATE THE FIRMWARE OF YOUR TESLA CAR TO THE LATEST VERSION TO ENSURE THAT THE ISSUES ARE FIXED AND AVOID POTENTIAL DRIVING SAFETY RISKS.

The video below demonstrates the impact of our remote attack vector. REMINDER: WHAT YOU ARE ABOUT TO SEE IN THIS VIDEO ARE PERFORMED BY PROFESSIONAL RESEARCHERS, DO NOT TRY THIS AT HOME.