Tesla recently released the list of security researcher Hall of Fame of 2018, in which 360 UnicornTeam was the only and first team shown. Since 2014, successfully hacking into Tesla, 360 has been recognized in the hall of fame the most times compared to other security service providers.
The security researchers who were appreciated by Tesla this time were the UnicornTeam members, including Jun Li (@bravo_fighter), Qing Yang (@Ir0nSmith), Yingtao Zeng, and Chaoran Wang.
360 reported a significant vulnerability to Tesla
360 UnicornTeam discovered a theory of “wireless key fob relay attack” that could break into Tesla’s keyless system. By intercepting the signal from the car key holder, attackers can trick smart car to mistakenly consider that its owner is by the car door, and thus unlock the car. In fact, the real owner may be hundreds of meters away.
The researchers created an experimental system to test their hypothesis of wireless key fob relay attack, successfully breaking into the car, and, at the same time, exploding that “the original scenario” of using the keyless system could be destructible.
UnicornTeam reported the research result to Tesla, who officially acknowledged that the vulnerability could be manipulated by attackers and appreciated the team with cash reward.
Extraordinary security research teams with continuous efforts
The founder of 360 UnicornTeam, Qin Yang, warned that the found vulnerability not only impacted Tesla cars, but also could be exploited on many other brands’ vehicles globally. The team is the leading research group in such field with several publications in China, and will dig out more security vulnerabilities for car vendors and auto part suppliers to eventually protect users’ against attackers. As the no. 1 Internet security company in China, 360 has built the smart car lab, IoT security research lab (Learn more about The biggest DDoS attack powered by IoT products), and wireless security system lab to advance with times and keep you safe.