Chinese hackers discovered a flaw in the Tesla Model S car and used it to unlock doors and sunroof, flash headlights and honk in a moving car.
A group of hackers participating in the renowned internet security conference, the Symposium on Security for Asia Network (SyScan), succeeded in their attempts to hack the Tesla Model S electric car. The competition, which promised grant money of $10,000 for remotely hacking various functions of the car as well as the engine within a limited timeframe, was concluded without a winner. An IT team from Qihoo 360 Security Technology was awarded 10,600 Yuan ($1,700) for getting closest to the victory.
The Tesla Software Hack Challenge winning team exploited a flaw in the Tesla Model S car that enabled unlocking of the car doors and sunroof in a moving car, according to the hinese social networking site, Sina Weibo. In addition, the hackers remotely honked the horn and even flashed the headlights of the Model S. The details of the hack have not been disclosed, but an unnamed source told CNET that the hack was made possible by cracking the six-digit code in the Model S mobile app.
The Sina Weibo post jokingly warned Tesla drivers to avoid becoming a "drowned rat" in case the sunroof suddenly opens while driving in the rain. The mobile app, which connects to the car via Bluetooth, enables Tesla owners to control the air conditioner, GPS tracking and monitor the progress of charging. If the hackers can gain access to the mobile app, they can control these functions in addition to unlocking doors and sunroof, honking and flashing headlights.
Qihoo 360, which co-sponsored the event, reported the vulnerability to Tesla and offered to help fix it. Tesla was not a part of the conference but promised to fix a real flaw upon discovery.
"While Tesla is not associated with the conference and is not a sponsor of the competition, we support the idea of providing an environment in which responsible security researchers can help identify potential vulnerabilities," a company spokesperson told Bloomberg in an email. "We hope that the security researchers will act responsibly and in good faith."
The hack comes shortly after Tesla announced that its patents were open for automakers to use for adoption in electric cars. The car maker started shipping its flagship sedan to China in April with hopes to match the sales in the country to that of the U.S. by 2015.