Feedback
Tech

Tesla Fixes Bugs After Chinese Hackers Show They Can Open Trunk, Apply Brakes

Tesla has rolled out a security patch for its electric cars after Chinese security researchers uncovered vulnerabilities they said allowed them to remotely attack a Tesla Model S sedan.

In a demonstration video, the researchers remotely engaged the brake on a moving Tesla S, turned on its windshield wipers and opened the trunk.

A man looks around Tesla Motors' Model S P85 at its showroom in Beijing
A man looks around Tesla Motors' Model S P85 at its showroom in Beijing. REUTERS/Kim Kyung-Hoon/File Photo REUTERS

The automaker said that it had patched the bugs in a statement to Reuters on Tuesday, a day after cyber-security researchers with China's Tencent disclosed their findings on their blog.

Interest in car hacking has surged since Fiat Chrysler last year recalled 1.4 million U.S. vehicles to fix onboard software bugs uncovered by two researchers. They demonstrated that they were able to gain remote control of a Jeep traveling at high speeds in a dramatic video posted on Wired.

Related: Tesla’s ‘Master Plan, Part Deux’ Is Revealed

Tesla said it was able to remedy the bugs uncovered by Tencent using an over-the-air fix to its vehicles, which saved customers the trouble of visiting dealers to obtain the update.

Tencent's Keen Security Lab said it believed its researchers were the first to gain remote control of a Tesla vehicle by hacking into an onboard computer system known as a CAN bus.

"We have verified the attack vector on multiple varieties of Tesla Model S," the blog said. "It is reasonable to assume that other Tesla models are affected."

Tesla said it pushed out an over-the-air update to automatically update software on its vehicles within 10 days of learning about the bugs.

"Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly," the statement said.

It said the attack could only be triggered when a Tesla web browser was in use and the vehicle was close enough to a malicious WiFi hot spot to connect to it.