This is a very low probability vulnerability. Obviously always be careful where you enter credentials.
On Fri, Mar 8, 2024 at 1:14 PM Robert Johnston via EV <ev@lists.evdl.org> wrote: > It's a common man-in-the-middle attack, and you don't need a Flipper Zero > to do it, any PC, laptop, even a cellphone could do the same. See also: > Phishing attacks at coffee shops and the like. > > On Fri, 8 Mar 2024 at 13:57, EV List Lackey via EV <ev@lists.evdl.org> > wrote: > > > The subject line is a bit frivilous, but actually I guess that this is > > potentially serious. > > > > ----- > > > > "Security researchers report they uncovered a design flaw that let them > > hijack a Tesla using a Flipper Zero, a controversial $169 hacking tool > ... > > > > "Using a Flipper, the researchers set up a WiFi network called 'Tesla > > Guest,' the name Tesla uses for its guest networks at service centers ... > > > > "[The thief] could broadcast the network near a charging station, where a > > bored driver might be looking for entertainment. The victim connects to > > the > > WiFi network and enters their username and password on the fake Tesla > > website. The [thief] then uses the credentials to log in to the real > Tesla > > app, which triggers a two-factor authentication code. The victim enters > > that > > code into the fake website, and the thief gains access to their account. > > Once you´re logged into the Tesla app, you can set up a "phone key" which > > lets you unlock and control the car over Bluetooth with a smartphone. > From > > there, the car is yours." > > > > Yikes. > > > > Full story: > > > > https://jalopnik.com/want-to-steal-a-tesla-try-using-a-flipper-zero- > > 1851316625 > > > > Or https://v.gd/FPzvOL > > > > David Roden, EVDL moderator & general lackey > > > > To reach me, don't reply to this message; I won't get it. Use my > > offlist address here : http://evdl.org/help/index.html#supt > > > > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = > > > > I asked a man in prison once how he happened to be there and > > he said he had stolen a pair of shoes. I told him if he had > > stolen a railroad he would be a United States Senator. > > > > -- Mary Harris Jones > > = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = > > > > _______________________________________________ > > Address messages to ev@lists.evdl.org > > No other addresses in TO and CC fields > > HELP: http://www.evdl.org/help/ > > > > > > -- > Robert "Anaerin" Johnston > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://lists.evdl.org/private.cgi/ev-evdl.org/attachments/20240308/0f5f199c/attachment.htm > > > _______________________________________________ > Address messages to ev@lists.evdl.org > No other addresses in TO and CC fields > HELP: http://www.evdl.org/help/ > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.evdl.org/private.cgi/ev-evdl.org/attachments/20240308/0669496c/attachment.htm> _______________________________________________ Address messages to ev@lists.evdl.org No other addresses in TO and CC fields HELP: http://www.evdl.org/help/
