Red Tesla Model S on Road - H 2014
Courtesy of TeslaOn the eve of the Defcon hacking conference in Las Vegas, two computer security experts revealed Thursday that they had successfully hacked a Telsa Model S and were able to remotely manipulate several of its controls, including turning off the engine while the car was moving.
Kevin Mahaffey, co-founder of Lookout Mobile Security, and CloudFlare security researcher Marc Rogers were able to install malware that allowed them to unlock doors, open the trunk, darken screens displaying speed and other information and, at low speed, turn off the engine.
In response, Tesla issued an over-the-air software fix to Model S cars Thursday.
Mahaffey and Rogers pointed out that they had to physically take apart the car’s dashboard and install the malware via an ethernet port, but once in place, it allowed them to remotely manipulate the car’s controls.
Rogers told CNN that the pair had found six other flaws in the Tesla, among them that the Model S was using an obsolete web browser susceptible to malicious code.
The hack is the latest to demonstrate the vulnerability of connected cars to computer attacks.
In July, Fiat-Chrysler recalled 1.4 million vehicles after hackers remotely manipulated the engine, brakes and other systems of a moving Jeep Cherokee through a flaw in its infotainment system.
Rogers and Mahaffey will present their findings at Defcon Friday. The Hollywood Reporter will provide live coverage.
