A black 2020 Tesla Model Y electric vehicle.  Photo is a view of the front and half of the car with a large arrow sign in the background.  Photo was taken August 8, 2020 near Salt Lake City Utah.
Tech - News
This Tesla Hack Unlocks A Model Y
If you own a Tesla Model Y, you need to know that a security consultant has discovered a new attack that enables thieves to unlock and steal a Model Y electric car. This latest vulnerability comes after a software update eliminates the need for Tesla owners to place their NFC key card in the console between the front seats to shift into D and drive off.
The latest Tesla relay attack is a two-person operation; it involves a person near the car and an accomplice positioned near the owner's NFC card or Tesla key-enabled smartphone. The hacker near your Model Y uses a Proxmark RDV4.0 RFID tool placed near the NFC reader in the side pillar, and the car transmits a "challenge" the key card needs to "answer."
In this case, the Proxmark tool sends the challenge using Bluetooth or Wi-Fi to a smartphone or tablet held by the second hacker lurking near your table at a restaurant or while jogging in the park. The idea is for the accomplice's smartphone to pick up the keycard's response and send it back to the Proxmark tool, and voilà! The thief could unlock the car and drive off.
When contacted regarding this new vulnerability, Tesla said their PIN-to-Drive feature would prevent such an attack because it requires the driver to enter a four-digit verification code on the touchscreen before driving the car. Not many Tesla Model Y owners know about this feature, but it's time to activate it to mitigate potential NFC-related attacks.
You can activate PIN-to-Drive in your Tesla by opening Controls, Safety & Security, then PIN to Drive. The system will prompt you to create a four-digit verification code that you need to enter manually after unlocking the vehicle. This feature could prevent future theft, but remember that thieves could still unlock and open the doors to steal valuables inside your Tesla.