It's a common man-in-the-middle attack, and you don't need a Flipper Zero to do it, any PC, laptop, even a cellphone could do the same. See also: Phishing attacks at coffee shops and the like.
On Fri, 8 Mar 2024 at 13:57, EV List Lackey via EV <ev@lists.evdl.org> wrote: > The subject line is a bit frivilous, but actually I guess that this is > potentially serious. > > ----- > > "Security researchers report they uncovered a design flaw that let them > hijack a Tesla using a Flipper Zero, a controversial $169 hacking tool ... > > "Using a Flipper, the researchers set up a WiFi network called 'Tesla > Guest,' the name Tesla uses for its guest networks at service centers ... > > "[The thief] could broadcast the network near a charging station, where a > bored driver might be looking for entertainment. The victim connects to > the > WiFi network and enters their username and password on the fake Tesla > website. The [thief] then uses the credentials to log in to the real Tesla > app, which triggers a two-factor authentication code. The victim enters > that > code into the fake website, and the thief gains access to their account. > Once you´re logged into the Tesla app, you can set up a "phone key" which > lets you unlock and control the car over Bluetooth with a smartphone. From > there, the car is yours." > > Yikes. > > Full story: > > https://jalopnik.com/want-to-steal-a-tesla-try-using-a-flipper-zero- > 1851316625 > > Or https://v.gd/FPzvOL > > David Roden, EVDL moderator & general lackey > > To reach me, don't reply to this message; I won't get it. Use my > offlist address here : http://evdl.org/help/index.html#supt > > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = > > I asked a man in prison once how he happened to be there and > he said he had stolen a pair of shoes. I told him if he had > stolen a railroad he would be a United States Senator. > > -- Mary Harris Jones > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = > > _______________________________________________ > Address messages to ev@lists.evdl.org > No other addresses in TO and CC fields > HELP: http://www.evdl.org/help/ > > -- Robert "Anaerin" Johnston -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.evdl.org/private.cgi/ev-evdl.org/attachments/20240308/0f5f199c/attachment.htm> _______________________________________________ Address messages to ev@lists.evdl.org No other addresses in TO and CC fields HELP: http://www.evdl.org/help/