Car thefts have been on the rise in recent years due to a couple of factors: TikTokers discovered Kias were ridiculously easy to steal and budding thieves found a way to hack modern keyless entry technology. An update to the wireless car tech was supposed to thwart some of the hacks but on Tesla cars, at least, it appears to have made little difference.
Cars such as the Tesla Model 3 were recently updated with ultra-wideband radio tech, which was developed to stop relay attacks in modern cars from making it easy for thieves to drive away with your precious wheels. However, a report from Wired found that the next-gen radio protocol left the Model 3 as stealable as ever.
Relay attacks occur when a thief is able to get close to your car key and broadcast its signals much further. This allows them to unlock your car and start it while you’re further away from the vehicle than you’d normally be able to open it from – such as when you’re in bed or stopping somewhere for lunch.
An upgrade to the tech rolled out ultra-wide band radio tech to many premium cars, which should have allowed for more precise measurements to be made between car and key, preventing some thefts. However, it doesn’t appear to have had that effect for Tesla:
In a video shared with WIRED, researchers at the Beijing-based automotive cybersecurity firm GoGoByte demonstrated that they could carry out a relay attack against the latest Tesla Model 3 despite its upgrade to an ultra-wideband keyless entry system, instantly unlocking it with less than a hundred dollars worth of radio equipment.
Since the Tesla 3’s keyless entry system also controls the car’s immobilizer feature designed to prevent its theft, that means a radio hacker could start the car and drive it away in seconds—unless the driver has enabled Tesla’s optional, off-by-default PIN-to-drive feature that requires the owner to enter a four-digit code before starting the car.
Jun Li, GoGoByte’s founder and a longtime car-hacking researcher, says that his team’s successful hack of the latest Model 3’s keyless entry system means Tesla owners need to turn on that PIN safeguard despite any rumor that Tesla’s radio upgrade would protect their vehicle. “It’s a warning for the mass public: Simply having ultra-wideband enabled doesn’t mean your vehicle won’t be stolen,” Li says. “Using relay attacks, it’s still just like the good old days for the thieves.”
Many had hoped for more from Tesla’s rollout of ultra-wide band tech, much more. Especially because a 2020 patent from the automaker promised increased security from the implementation of the tech, which it said could prevent theft from relay attacks.
That hasn’t happened, however, and the researchers were able to open, start and steal the car from as much as 15 feet away from the proper keys.
Despite making claims of increased security from ultra-wide band, Tesla responded to the researchers findings by explaining that it hadn’t, in fact, created the tech to prevent thefts. As Wired adds:
“This behavior is expected, as we are currently working on improving the reliability of UWB,” read Tesla’s email in response to GoGoByte’s description of its relay attack. “UWB ranging will be enforced when reliability improvements are complete.”
It isn’t all bad news for Tesla owners today, however, as the Wired report notes that the company’s cars are marginally less likely to be stolen because criminals know of their GPS connectivity, which can tell the owner where their car is at all times.
If Tesla makes a car that’s marginally less stolen than other models, what cars are America’s car thieves targeting? Well, we rounded up some of the most stolen cars in America in a list right here.