Some more recent vehicles, including the Model Y and Model 3, include a passive keyless entry technology that uses Bluetooth and an unique key fob to detect when the driver (or, more precisely, the key) is close by. The vehicle’s doors are automatically unlocked by the proximity sensor, and the vehicle can also be started and driven. Although it is a highly useful device, it appears that committed auto thieves may be able to take advantage of it.
Khan detailed this vulnerability in an technical advisory that was released in May 2022. The iPhone running the Tesla app was situated on the top floor of a house about 82 feet from the Model 3 in the testing location for the relay attack device. About 23 feet away from the iPhone, one component of the attack device picked up its signal and transmitted it to the second device, which was about 10 feet away from the Tesla. Khan noted in the advise that the crew was able to unlock and turn on the EV despite the distance between them.
Khan told Bloomberg in a statement that he has shared his research with Tesla, which supposedly does not consider the problem to be “a substantial concern” but has acknowledged that “relay attacks are a known shortcoming of the passive entry mechanism.” According to him, Tesla would need to modify both the hardware of the vehicle and the keyless entry system in order to address the vulnerability. Although the Tesla Model 3 was used for the testing, Khan claims he anticipated similar outcomes for Model Y vehicles. He said that other vehicles that employ a similar system are reportedly vulnerable to attacks by these relay devices, thus the attacks are not just confined to Tesla automobiles.