ceekz
Member
I thought it was interesting that while the GPS tracking was turned off, the car was tracked via Supercharger use. I think the thief had someone on the inside to bypass the protocols.
You can install our site as a web app on your iOS device by utilizing the Add to Home Screen feature in Safari. Please see this thread for more details on this.
Note: This feature may not be available in some browsers.
Has this been posted?
Tesla Model 3 Stolen From Mall of America Using Only a Smartphone
Tesla Model 3 rental was stolen by reusing authentication key, thief caught days later in another state
With cars becoming more connected than ever, cybersecurity is a hot-button topic that extends past your computer screen and into your car. Using a bit of technology, an alleged car thief was able to get his hands on a Model 3 at the Mall of America and drive away without needing a key. The alleged crime was reportedly committed via smartphone.
A computer forensics specialist who commented on the happenings of the incident was able to narrow down just how the alleged stolen Tesla was taken with such reported ease. The person allegedly responsible for taking the car is believed to have reached out to Tesla's customer support to add the stolen Model 3 to his Tesla account by its vehicle identification number. Once the vehicle was accessible on a smartphone that was signed into this person’s account, he was reportedly able to unlock the car and drive away without ever needing a key.
Several days later, the alleged car thief was tracked down and arrested in the stolen car in Waco, Texas, more than 1,000 miles south of its starting point in Minnesota. Since this person disabled GPS tracking on the car, the owner had to utilize a different method of tracking down the alleged crook. The owner tracked the location of the car's Supercharging and provided it to local authorities where they promptly located the car and arrested the man behind the wheel.
Toll free numbers like Tesla's number get the ANI, the ANI is very reliable. ANI cannot be blocked like Caller ID
Automatic number identification - Wikipedia
The telco gets the ANI not the call center. And anyway, with a SIP trunk, the ANI matches the caller ID, so easily spoofed.
Toll free numbers like Tesla's number get the ANI, the ANI is very reliable. ANI cannot be blocked like Caller ID
Automatic number identification - Wikipedia
The telco gets the ANI not the call center. And anyway, with a SIP trunk, the ANI matches the caller ID, so easily spoofed.
They do it this way for integration with other parts of the platform where they may want an account number retrieved based on the phone number calling in. It is very easy to spoof the number and contact center software is unlikely to ever handle the actual ANI.
I thought it was interesting that while the GPS tracking was turned off, the car was tracked via Supercharger use. I think the thief had someone on the inside to bypass the protocols.
Read Kevin Mitnick, a cracker turned hacker: "social engineering" is a LOT easier than code breaking.I read the same article earlier. Really pissed me off - seems like he must have tricked a support rep into adding the car to his app. That support rep gave him the car.