Tesla’s vehicles are generally considered to be safe, with features like lane-keeping assist, blind-spot monitoring, forward collision warning and emergency braking baked into the car’s autopilot system. But what if the threat is not on the road, and instead is sitting at a desk, hacking into Tesla’s systems?
David Colombo, a Germany-based 19-year-old IT security specialist & hacker, uncovered a software flaw in some Tesla vehicles that allowed him to gain access to 25 cars in 13 different countries. The breach enables him to remotely run commands on the affected vehicle and control its doors and windows, blast music, disable Sentry Mode, start keyless driving and more.
Nevertheless I now can remotely run commands on 25+ Tesla‘s in 13 countries without the owners knowledge.
Regarding what I‘m able to do with these Tesla‘s now.
This includes disabling Sentry Mode, opening the doors/windows and even starting Keyless Driving.[2/X]
— David Colombo (@david_colombo_) January 11, 2022
Colombo didn’t go into detail regarding how he gained access to the vehicles’ system, but he did say it wasn’t due to a flaw in Tesla’s core infrastructure, and instead, it was the mistake of the owners. Colombo also claimed to be able to detect the presence of a driver, check their locations and flash their headlights.
“And yes, I also could remotely rickroll the affected owners by playing Rick Astley on YouTube in their Teslas,” reads one of his Tweets.
While the breach does give Colombo access to some of the vehicle’s functions, he can’t fully control the car, including the inability to control the acceleration, steering or braking. However, the minute level of control that he does have could prove dangerous. He states, “I think it’s pretty dangerous, if someone is able to remotely blast music on full volume or open the windows/doors while you are on the highway. Even flashing the lights non-stop can potentially have some (dangerous) impact on other drivers.”
It’s worth noting that Colombo isn’t a rogue hacker and doesn’t pose a threat. Tesla’s security team has already contacted him, and they’re currently investigating the issue.
Addition as of 11. Jan 22:33 (CET)
Tesla‘s Security Team just confirmed to me they’re investigating and will get back to me with updates as soon as they have them.
[8/8]
— David Colombo (@david_colombo_) January 11, 2022
Source: @david_colombo_
MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.
