{"id":19073,"date":"2022-05-17T13:10:08","date_gmt":"2022-05-17T21:10:08","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/05\/17\/news-12806\/"},"modified":"2022-05-17T13:10:08","modified_gmt":"2022-05-17T21:10:08","slug":"news-12806","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/05\/17\/news-12806\/","title":{"rendered":"Car owners warned of another theft-enabling relay attack"},"content":{"rendered":"

Credit to Author: Christopher Boyd| Date: Tue, 17 May 2022 20:16:22 +0000<\/strong><\/p>\n

Tesla owners are no strangers to seeing reports of cars being tampered with outside of their control. Back in 2021, a zero-click exploit aided a drone in taking over the car’s entertainment system<\/a>. In 2016, we had a brakes and doors<\/a> issue. 2020 saw people rewriting key-fob firmware<\/a> via Bluetooth. Andin January this year, a teen claimed<\/a> he had managed to remotely hack into 25 Tesla vehicles.<\/p>\n

This time, we have another Bluetooth key-fob issue<\/a> making waves. Although there is a Tesla specific advisory, there are also advisories for this issue generally and a type of smart lock.<\/p>\n

Bluetooth Low Energy and keyless entry systems<\/h2>\n

The researchers who discovered this issue are clear that it isn’t “just” a problem for Tesla. It’s more of a problem related to the Bluetooth Low Energy (BLE) protocol used by the keyless entry system. Bluetooth is a short-range wireless technology which uses radio frequencies and allows you to share data. You can connect one device to another, interact with Bluetooth beacons<\/a>, and much more. Bluetooth is a perfect fit for something as commonplace as keyless door entry.<\/p>\n

As the name suggests, BLE<\/a> is all about providing functionality through very low energy consumption. As BLE is only active for very short periods of time<\/a>, it’s a much more efficient way to do things.<\/p>\n

The relay attack in action<\/h2>\n

Researchers demonstrated how this compromise of the keyless system works in practice. Though light on details, Bloomberg mentions it is a relay attack<\/a>. This is a fairly common method used by people in the car research realm to try and pop locks.<\/p>\n

To help describe a relay attack, it’s common to first explain how a Man in the Middle<\/a> (MitM) attack works:<\/p>\n

\n

In cybersecurity, a Man-in-the-Middle (MitM) attack happens when a threat actor manages to intercept and forward the traffic between two entities without either of them noticing. In addition, some MitM attacks alter the communication between parties, again without them realizing.<\/em><\/p>\n<\/blockquote>\n

For relay attacks, think of two people (or one person with two devices) sliding their way into the device-based communication. Some of the diagrams I’ve seen explaining this attack can be a little confusing, but this video explanation is perfect:<\/p>\n

\n