Smartphones can do amazing things, but who knew that they could also help you hack into expensive, luxury electric cars and drive away with them.
Electrek reports that a car thief most likely used a smartphone to unlock a Tesla Model 3, that was on display at the Mall of America in Minnesota. According to Electrek, a cybersecurity specialist suspects that the man who allegedly stole the car probably added the Vehicle Identification Number (VIN) to his Tesla account after a call to the company’s customer service department. Once the car was linked to his account and phone, it allowed him to unlock the car and drive away.
“By doing that, you can now control the Tesla from an app on your phone,” computer forensics expert, Mark Lanterman said in an interview with Fox 9.
The Drive reports that the thief made it 1,000 miles out of Minnesota before he was tracked down by authorities in Waco, Texas.
He tried to avoid capture by disabling the car’s GPS, but the owner outsmarted him by passing along the car’s charging locations over to the authorities.
The owner of the car rental company, John Marino, said that the suspect is someone he knows.
“We suspected it was him because he used to brag a lot about how much he knew about the car and its security, and this was somebody who had the wherewithal to make this happen,” Marino explained.
This story raises questions about how secure the Tesla Model 3 really is, and it looks like the answer is that it’s harder to get away with than a regular car.
Marino added that Teslas, on the whole, are pretty difficult to steal successfully because the company collects lots of information about its users and the vehicle’s driving history.
“Tesla is not the car to steal,” he said. “The amount of data Tesla collects is actually kind of creepy.”
Electrek reports that it’s not atypical for Tesla to allow its customers to add VIN’s to their account for rentals so that they can use the app on their phone as a key. The thief was reportedly able to take advantage of that, so perhaps another layer of security should be added down the line.
Tesla told Electrek that the thief was able to unlock the car because he rented it previously, but the rental company said that they disabled the suspect’s access after he returned it.