Insider logo The word "Insider".
US Markets Loading... H M S In the news

A researcher managed to 'steal' a Tesla in 90 seconds with a $300 bluetooth kit

Tesla Model X electric vehicle is shown in Moscow
A Tesla Model X in Moscow.
Evgenia Novozhenina/Reuters
  • Danish researcher Lennert Woulters found two easy loopholes in Tesla's computer system that could theoretically allow someone to gain access and steal a Model X. 
  • He made the discovery with just a few hundred dollars worth of supplies, including a Bluetooth radio and Tesla computer from eBay. 
  • Tesla says its rolling out fixes to prevent actual attacks. 
  • Visit Business Insider's 合约数字币和虚拟币homepage for more stories.

All a Belgian researcher needed to break into and effectively steal a Tesla Model X: a $300 bluetooth kit, and some luck.

According to Wired, Lennert Woulters, who studies security at the university KU Leuven, found a way to exploit two vulnerabilities by simply reading the car's VIN number and lifting a code from the owner's key fob (which requires being within about 15 feet).

Armed with that information and a bluetooth radio, Woulters was able to unlock the car by spoofing the signal that would usually come from the owner's key fob or phone.

Once inside, things got trickier. Woulters was able to use a separate Model X body control module from eBay plugged into the  a computer port in the car that was easily accessible, and pair the car with his own "key" — something the Tesla computer system didn't verify.

"Basically a combination of two vulnerabilities allows a hacker to steal a Model X in a few minutes time," he told the magazine. "When you combine them, you get a much more powerful attack."

Tesla, which did not respond to a request for comment, plans to roll out a software update to patch the problem, Wired reported.

The automaker, like many tech firms, Read Wired's full profile of Woulters' discoveries here.

SEE ALSO: Tesla's joining the S&P 500 means it's time to talk about how ridiculously overvalued the company is

Close icon Two crossed lines that form an 'X'. It indicates a way to close an interaction, or dismiss a notification.