For the second time, Chinese security researchers were able to hack a Tesla Model X, turning on the brakes remotely and getting the doors and trunk to open and close while blinking the lights in time to music streamed from the car's radio — an effect they dubbed "the unauthorized Xmas show."
The complex hack involved sending malicious software through the car's web browser in a series of circuitous computer exploits. They were able to remotely control the car via both Wi-Fi and a cellular connection.
The researchers informed Tesla of their discovery in June of this year and the company patched the vulnerabilities within two weeks, said Samuel Lv, director of the Keen Security Lab at Chinese tech giant Tencent.
In a statement, Tesla said it actively encourages this type of research so that it can prevent potential issues from occurring. The risk to customers from such exploits is very low and Tesla has not seen a single customer ever affected by them, the statement said.
This is actually the second year the team from Keen Security Lab in Shanghai managed to hack a Tesla and remotely engage its brakes.
"We informed Tesla of the vulnerabilities we found last year and they corrected them. This year our research found new vulnerabilities and we were able to reproduce the same remote control of the car," said Sen Nie, lead researcher for the car hacking team at Keen Security Lab. He presented the research with colleagues Ling Liu and Wen Lu at a conference of security researchers here.
Nie emphasized that the work was complex and not easily replicated. He also said the researchers don't believe Teslas are inherently more vulnerable than other cars.
Charlie Miller, the hacker who gained fame in 2015 for hacking a Jeep with fellow researcher Chris Valasek, attended the group's presentation at the Black Hat conference Thursday.
"There are only three groups in the world who've successfully hacked cars. The University of Washington in 2010, me and Chris and now these guys. And they've done it twice," he said.
The team that Nie leads is part of Tencent, sometimes called the Facebook of China because its mobile messaging apps have more than 930 million users. It is also the world's largest publisher of video games.
In 2016 Tencent began to broaden its mission, adding security research and consulting. It launched Nie's group focusing on automotive security so that it could work with China's many companies that produce parts and systems for the global auto industry.
"A lot of OEMs don't have the knowledge or background to deal with cybersecurity issues. We consult with them to help them evaluate the security of connectivity modules on cars," said Lv.