Researchers Jailbreak a Tesla to Get Free Upgrades

Researchers claim to have discovered a way to gain access to Tesla’s infotainment system’s hardware through hacking, enabling them to get upgrades that would often be subscribed for, like heated rear seats, without paying anything.

In essence, the researchers succeeded in jailbreaking the car and stated that this might allow owners to activate the navigation and self-driving features in areas where they are often unavailable. However, they conceded that they haven’t yet tested these features because doing so would take further reverse engineering. The researchers will reveal their findings at the Black Hat cybersecurity conference in Las Vegas the following week.

Related: German Teenager Hacks 25 Teslas

According to Christian Werling, one of the three Technische Universität Berlin students who conducted the study with a second independent researcher, their attack requires physical access to the vehicle, but that is precisely the situation in which their jailbreak would be helpful. Werling told TechCrunch in an interview ahead of the conference:

“We are not the evil outsider, but we’re actually the insider, we own the car. And we don’t want to pay these $300 for the rear heated seats.”

Voltage glitching is the name of the method they utilized to jailbreak the Tesla. Werling said that what they had done was “fiddle around” with the AMD processor’s supply voltage, which powers the infotainment system. Werling went on to explain:

“If we do it at the right moment, we can trick the CPU into doing something else. It has a hiccup, skips an instruction, and accepts our manipulated code. That’s basically what we do in a nutshell.”

The researchers said that using the same method, they were also able to get the encryption key required to authenticate the vehicle on Tesla’s network. The researchers stated they still need to investigate the possibilities in this scenario, but theoretically, this would pave the way for a number of additional attacks.

Tesla hack2

In addition, according to the researchers, they were able to retrieve personal data from the vehicle, including contacts, recent calendar appointments, call logs, places visited by the vehicle, Wi-Fi passwords, and session tokens from email accounts. People who don’t own that particular car but have physical access to it may find this info to be interesting.

Related: Tesla and McLaren’s Keyless Entry System Could Be Hacked Within Seconds

Mitigating the hardware-based attack that the researchers achieved is not simple. In fact, the researchers said, Tesla would have to replace the hardware in question.

Notify of
Inline Feedbacks
View all comments