<p>Millions of digital locks worldwide, including on Tesla cars, can be remotely unlocked by hackers exploiting a vulnerability in Bluetooth technology, a cybersecurity firm said on Tuesday.</p>.<p>In a video shared with Reuters, NCC Group researcher Sultan Qasim Khan was able to open and then drive a Tesla using a small relay device attached to a laptop which bridged a large gap between the Tesla and the Tesla owner's phone.</p>.<p>"This proves that any product relying on a trusted BLE connection is vulnerable to attacks even from the other side of the world," the UK-based firm said in a statement, referring to the Bluetooth Low Energy (BLE) protocol - technology used in millions of cars and smart locks which automatically open when in close proximity to an authorised device.</p>.<p>Although Khan demonstrated the hack on a 2021 Tesla Model Y, NCC Group said any smart locks using BLE technology, including residential smart locks, could be unlocked in the same way.</p>.<p>Tesla did not immediately respond to a request seeking comment.</p>.<p>NCC Group said such a vulnerability was not like a traditional bug which could be fixed with a software patch and added BLE-based authentication was not originally designed for use in locking mechanisms.</p>.<p>"In effect, systems that people rely on to guard their cars, homes and private data are using Bluetooth proximity authentication mechanisms that can be easily broken with cheap off-the-shelf hardware," the firm said.</p>.<p>"This research illustrates the danger of using technologies for reasons other than their intended purpose, especially when security issues are involved".</p>
<p>Millions of digital locks worldwide, including on Tesla cars, can be remotely unlocked by hackers exploiting a vulnerability in Bluetooth technology, a cybersecurity firm said on Tuesday.</p>.<p>In a video shared with Reuters, NCC Group researcher Sultan Qasim Khan was able to open and then drive a Tesla using a small relay device attached to a laptop which bridged a large gap between the Tesla and the Tesla owner's phone.</p>.<p>"This proves that any product relying on a trusted BLE connection is vulnerable to attacks even from the other side of the world," the UK-based firm said in a statement, referring to the Bluetooth Low Energy (BLE) protocol - technology used in millions of cars and smart locks which automatically open when in close proximity to an authorised device.</p>.<p>Although Khan demonstrated the hack on a 2021 Tesla Model Y, NCC Group said any smart locks using BLE technology, including residential smart locks, could be unlocked in the same way.</p>.<p>Tesla did not immediately respond to a request seeking comment.</p>.<p>NCC Group said such a vulnerability was not like a traditional bug which could be fixed with a software patch and added BLE-based authentication was not originally designed for use in locking mechanisms.</p>.<p>"In effect, systems that people rely on to guard their cars, homes and private data are using Bluetooth proximity authentication mechanisms that can be easily broken with cheap off-the-shelf hardware," the firm said.</p>.<p>"This research illustrates the danger of using technologies for reasons other than their intended purpose, especially when security issues are involved".</p>