Security researchers have showcased a Man-in-the-Middle (MiTM) phishing attack that can compromise Tesla accounts, enabling attackers to unlock and start the vehicles. This attack, conducted using a Flipper Zero device but applicable to other devices, exploits vulnerabilities in the latest Tesla app and software versions. By setting up a fake Tesla login page on a spoofed WiFi network like “Tesla Guest,” attackers can trick victims into entering their credentials, granting access to the car. Despite researchers’ efforts to alert Tesla about the security flaw, the company deemed it out of scope, highlighting potential risks associated with such attacks
Read more at: www.bleepingcomputer.com