Notebookcheck Logo

25 Tesla cars in 13 countries hacked as a security warning by a 19-year-old enthusiast

Tesla cars at a charging station
Tesla cars at a charging station
A 19-year-old IT and security enthusiast has managed to gain access to a number of Tesla cars in different countries following a vulnerability in third-party software or hardware that they installed. The access included key control features like "disabling Sentry Mode, opening the doors/windows and even starting Keyless Driving," in addition to honking the horn or taking over the car stereo while driving.
E-Mobility Security

With modern electric cars dubbed "computers on wheels," reports on successfully hacking them to take over control were only a matter of time. When those reports refer to the world's most valuable car company, Tesla, it becomes all the more interesting how the hacker has achieved access to an EV belonging to someone else. The issue then becomes even more troubling given the fact that the breach was achieved by a 19-year-old "IT Security Specialist & Hacker." David Colombo claims they managed to virtually break into 25 Tesla cars in 13 countries and gain control over some of their functions via a third-party vulnerability. What was he able to with the Teslas then?

Nevertheless I now can remotely run commands on 25+ Teslas in 13 countries without the owners knowledge. Regarding what I‘m able to do with these Teslas now. This includes disabling Sentry Mode, opening the doors/windows and even starting Keyless Driving...

I could also query the exact location, see if a driver is present and so on. The list is pretty long. And yes, I also could remotely rick roll the affected owners by playing Rick Astley on Youtube in their Teslas...

As already stated in some other replies, it is not „full remote control“ as in being able to remotely control steering or acceleration & braking... Yes, I potentially could unlock the doors and start driving the affected Teslas. No I can not intervene with someone driving (other than starting music at max volume or flashing lights) and I also can not drive these Teslas remotely.

He flagged the hack to Tesla's security team as there was no way to warn the people affected, and they are reportedly taking action, revoking tokens en masse, and looking into ways to avoid the issue in the future. It's worth noting that the Tesla access gained was not via some vulnerability in the car's core software, but rather third-party mods or hardware that people installed, so the issue is potentially affecting only a limited amount of Tesla drivers.

Get the 50A ChargePoint Home Flex EV charger on Amazon

Source(s)

Bloomberg (paywall) & David Colombo

Related Articles

The US$350 Model 3 HomeLink garage door opener accessory (image: Tesla)
Someone in Europe opened the garage of a US Tesla owner over Model 3 VIN number mismatch 09/20/2022
Team Green apparently managed to encrypt the hacked data in a reciprocal hack - but it was too late. (Image source: Nvidia/Unsplash - edited)
Jensen hacks back: Nvidia allegedly attacks ransomware group that stole 1 TB of Team Green's confidential data 02/26/2022
Tesla's record Model 3 sales claim in Australia was wrong, resulting in 'truth in reporting' demand by industry execs
Tesla's record Model 3 sales claim in Australia was wrong, resulting in 'truth in reporting' demand by industry execs 02/01/2022
The TeslaMic has been released in China, a gadget that you can use to play karaoke in your car. (Image source: Tesla)
Tesla releases microphone for in-car karaoke alongside Chinese New Year update 01/29/2022
Tesla has confirmed rumours that its Cybertruck will not be released until 2023 at the earliest. (Image source: Tesla)
Tesla confirms Cybertruck delay and reveals that a car is not its most important focus this year 01/27/2022
The FBI alerts customers to malicious QR codes that can direct them to phishing websites. (Image: Markus Winkler via Unsplash)
FBI warns that hackers are corrupting QR codes to conduct phishing attacks 01/21/2022
First felony charge against a Tesla driver who killed two while on Autopilot filed in a seminal moment for automated driving
First felony charge against a Tesla driver who killed two while on Autopilot filed in a seminal moment for automated driving 01/19/2022
The STI E-RA electric concept race car has 1,073 hp. (Image source: STI)
Subaru reveals race car with 1,073 hp at Tokyo Auto Salon 01/18/2022
A Mazout EV. (Source: Mazout)
Mazout hypes its inaugural EV as India's first electric cruiser motorbike 01/17/2022
Safari on macOS and iOS 15 suffers from a serious privacy violation bug. (Image Source: Apple)
Unpatched Safari 15 bug on macOS, iOS 15, and iPadOS 15 found to expose browsing history and Google account info 01/17/2022
Top Cybertruck model price may be announced January 26 along with Tesla's 2022 product roadmap
Top Cybertruck model price may be announced January 26 along with Tesla's 2022 product roadmap 01/13/2022
The updated 2022 Tesla Model S comes with new headlights, taillights and a new charging port for some markets (Image: Caster)
Pictures show updated 2022 Tesla Model S featuring new headlights, taillights and charging port 01/11/2022
Tesla has asked its fans to help the company sell cars directly to buyers in New York. (Image source: Tesla)
Tesla pleads with its userbase to help the company get approval for direct sales in New York 01/11/2022
Tesla's new 'Full Self-Driving' 10.3 update has an Assertive mode that mimics a more aggressive driver
Tesla's new 'Full Self-Driving' 10.3 update has an Assertive mode that mimics a more aggressive driver 01/10/2022
Tesla owners reveal how they mine for Bitcoin and Ethereum with the electric car's battery and GPU
Tesla owners reveal how they mine for Bitcoin and Ethereum with the electric car's battery and GPU 01/09/2022
Tesla rolls out a 175 MPH 'Plaid Track Mode' update for the Model S and a Carbon Ceramic Brake Kit to match
Tesla rolls out a 175 MPH 'Plaid Track Mode' update for the Model S and a Carbon Ceramic Brake Kit to match 01/07/2022
Tesla Model S covers a record 750-mile range on freezing Michigan highways with a new ONE battery
Tesla Model S covers a record 750-mile range on freezing Michigan highways with a new ONE battery 01/05/2022
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2022 01 > 25 Tesla cars in 13 countries hacked as a security warning by a 19-year-old enthusiast
Daniel Zlatev, 2022-01-13 (Update: 2022-01-13)