Tesla Motors fixes security in Model S after China’s Tencent reveals flaws

A Chinese security team has hacked a Tesla Model S and revealed several vulnerabilities in the luxury electric car.

By: AFP | Published:September 22, 2016 9:59 am
Tesla, Tesla Motors, Tesla Motors Security flaw, Tesla Model S hacked, Model S hacked by Tencent, Tesla Model S Chinese hackers, Model S hacked, Tesla Motors hacking, Tesla Security update, technology, technology news Tesla Motors Model S hacked by Chinese security team. Company issues OTA update to fix issue. (Source: Reuters)

A Chinese security team has hacked a Tesla Model S and revealed several vulnerabilities in the luxury electric car, US media reported. CNBC reported yesterday that Chinese company Tencent has notified Tesla about the hacks, and that the car company has already put a patch in place to fix the problem.

The business news broadcaster said hackers were able to gain access by connecting to a malicious WiFi hotspot and then using the web browser. Keen Security Labs, a unit at Tencent, trumpeted the successful hack in a blog post.

“It is worth to note that we used an unmodified car with latest firmware to demonstrate the attack,” the hackers wrote. “Following the global industry practice on ‘responsible disclosure’ of product security vulnerabilities, we have reported the technical details of all the vulnerabilities discovered in the research to Tesla. The vulnerabilities have been confirmed by Tesla Product Security Team.”

The security snafus are the latest woes for the Tesla’s Model S, which saw a driver die in a crash in Florida while using Autopilot earlier this year when the vehicle slammed into a truck.

“Tesla has already deployed an over-the-air software update… that addresses the potential security issues,” the company told CNBC. “The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious WiFi hotspot,” Tesla said.

Also read: Tesla Autopilot: Mobileye says it warned company against ‘hands-free’ driving

“Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly.”

The company added: “We commend the research team behind today’s demonstration and plan to reward them under our bug bounty program, which was set up to encourage this type of research.”