A serious security flaw has been revealed in the keyless entry and start system used by brands like Tesla and McLaren. A team of researchers from the Computer Security and Industrial Cryptography research group (COSIC) at the University of Leuven, Belgium were able to attack and clone the key fob of two Tesla Model S cars in “a matter of seconds,” allowing the bearer of the fob to unlock and start the vehicle.
The system was developed by software company Pektron and is said to be fitted into numerous high-end models. According to the research team, the Pektron system is easier to attack than other systems of this type because attackers don’t need to be close to the car and the key fob at the same time.
McLaren has confirmed that the research demonstrates a “theoretical vulnerability” in their vehicle security systems. However, the research has “not been proven to affect our vehicles, and we know of no McLaren that has been compromised in such a way.” Although customers are being contacted by email to inform them of the issue, and are being sent a signal blocking pouch to keep the car key safe from potential hackers.
Tesla previously released a ‘pin to drive’ security feature as a response to the findings. The researchers recommend owners using this in addition to disabling the passive entry system.