May 2022
1 min read
Note: This is related to Project TEMPA. Please follow this link for an overview!
Besides the ability to relay the 2.4GHz radio signal between the PhoneKey and the Tesla vehicle, it is also possible to relay information on protocol level by using standard software like gattacker.
The advantage of the protocol-based relay attack is that the distance between victim and vehicle is not limited by physical constraints introduced by radio timeouts and allows the injection of crafted messages and the analysis of communicated messages.
The YouTube Video “The Tesla Parking Lot Job” showcases the Bluetooth Relay Attack (turn on subtitles for commentary).
Further information about this attack can be found in the slide set in the Downloads Section
An upcoming mitigation approach is using the TeslaKee app that will be available via TeslaKee.com
Project TEMPA Slide Deck from CanSecWest22 (PDF) Slides presented at CanSecWest22 on May 18th 2022 in Vancouver. Created: May 18, 2022 License: CC-BY Author: Martin Herfurt Link: https://www.secwest.net/ |
The Tesla Parking Lot Job Image (JPG) This image is used as a YouTube thumbnail image for thie Video “The Tesla Parking Lot Job” Created: Mar 12, 2022 License: CC-BY Author: Martin Herfurt Link: https://youtu.be/eDbSzVTYqBY |
Sharing is caring!