Notebookcheck Logo

25 Tesla cars in 13 countries hacked as a security warning by a 19-year-old enthusiast

Tesla cars at a charging station
Tesla cars at a charging station
A 19-year-old IT and security enthusiast has managed to gain access to a number of Tesla cars in different countries following a vulnerability in third-party software or hardware that they installed. The access included key control features like "disabling Sentry Mode, opening the doors/windows and even starting Keyless Driving," in addition to honking the horn or taking over the car stereo while driving.

With modern electric cars dubbed "computers on wheels," reports on successfully hacking them to take over control were only a matter of time. When those reports refer to the world's most valuable car company, Tesla, it becomes all the more interesting how the hacker has achieved access to an EV belonging to someone else. The issue then becomes even more troubling given the fact that the breach was achieved by a 19-year-old "IT Security Specialist & Hacker." David Colombo claims they managed to virtually break into 25 Tesla cars in 13 countries and gain control over some of their functions via a third-party vulnerability. What was he able to with the Teslas then?

Nevertheless I now can remotely run commands on 25+ Teslas in 13 countries without the owners knowledge. Regarding what I‘m able to do with these Teslas now. This includes disabling Sentry Mode, opening the doors/windows and even starting Keyless Driving...

I could also query the exact location, see if a driver is present and so on. The list is pretty long. And yes, I also could remotely rick roll the affected owners by playing Rick Astley on Youtube in their Teslas...

As already stated in some other replies, it is not „full remote control“ as in being able to remotely control steering or acceleration & braking... Yes, I potentially could unlock the doors and start driving the affected Teslas. No I can not intervene with someone driving (other than starting music at max volume or flashing lights) and I also can not drive these Teslas remotely.

He flagged the hack to Tesla's security team as there was no way to warn the people affected, and they are reportedly taking action, revoking tokens en masse, and looking into ways to avoid the issue in the future. It's worth noting that the Tesla access gained was not via some vulnerability in the car's core software, but rather third-party mods or hardware that people installed, so the issue is potentially affecting only a limited amount of Tesla drivers.

Get the 50A ChargePoint Home Flex EV charger on Amazon

Source(s)

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
Mail Logo
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2022 01 > 25 Tesla cars in 13 countries hacked as a security warning by a 19-year-old enthusiast
Daniel Zlatev, 2022-01-13 (Update: 2022-01-13)