FYI.

This story is over 5 years old.

Tech

Watch China's Elite White Hat Hackers Pwn a Tesla From 12 Miles Away

Even the high-tech Tesla isn’t immune to hackers, as China's Keen Team team successfully compromised the car remotely for the first time.
Image: Tesla

A group of Chinese white hat hackers has found a way to hack a Tesla, hitting the brakes on it from 12 miles away.

Keen Team, a renowned security research team, announced the successful hack in a YouTube video late Monday night, announcing on Twitter that they had "pwned Tesla Model S remotely."

"As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars," the group wrote in a blog post. "We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected."

Advertisement

In a statement, Tesla said that the company had pushed an update to fix the bugs exposed by Keen Team within 10 days of receiving their alert. The company also downplayed the real-world risk posed by this attack.

"The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious wifi hotspot," the Tesla spokesperson said in an email. "Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly."

Read more: We Drove a Car While It Was Being Hacked

In the video, the hackers show how they're able to control several features of the car from a laptop, apparently without physically tampering with the vehicle. The hackers demonstrate how they can open the sunroof, move the seat, swing windshield wipers, fold the rear view mirror and—more worrisome—hit the brakes on a moving car while being 12 miles away.

As cars have become more and more like computers on wheels, security researchers have found ways to hack them. The first demonstrations required physical access to a car's controls and inner computer. Last year, however, two American researchers were able to remotely hack a Jeep, killing the engine while a Wired reporter was driving it on the highway.

Also in 2015, another couple of American researchers found that they could plug their laptop into a Tesla's network cable and hack into the car's controls.

The Keen Team's demonstration this week, however, is the first time a Tesla has been hacked remotely. And if history is any indication, it might not be the last time hackers pwn smart cars.

This story has been updated to include Tesla's comments.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.