The 19-year-old hacker said he can control various functions on these vehicles and has informed Tesla’s security team.
A teenage hacker from Germany claimed to have found a way to take partial control of more than 25 Tesla cars in 13 countries around the world.
David Colombo is a self-described hacker and IT security specialist who made the claim on Monday (Jan 10). The 19-year-old hacker said on Twitter that he could remotely disable sentry mode protection on these electric vehicles, open windows and doors, control music, vehicle lights and start keyless driving.
While he doesn’t claim to be in full control of Tesla vehicles, Colombo said the list of things it can do is “pretty long.”
“I think it’s quite dangerous if someone can remotely play loud music or open the windows / doors while on the road.” hey tweeted. “Even turning your lights on without stopping can have a (dangerous) impact on other drivers.”
The teenage hacker said this is not a flaw in Tesla’s infrastructure and is the fault of the vehicle owners. He added that he wants to “fix all of this” before posting specific details on how he took control of these vehicles.
Colombo said Tesla’s security team has confirmed that it is investigating the issue and that a Common Vulnerabilities and Exposures (CVE) security team at Miter has “reserved a CVE” for this issue.
TezLab, the companion app for Tesla EV, said on its Twitter page this morning (Jan 12) that thousands of authentication tokens expired simultaneously and that many TezLab members will need to log in again to re-establish connection with their vehicles. Colombo shared this statement and said: “I apologize for the inconvenience.”
I apologize for the inconvenience 😅 https://t.co/H7ZmalGvtB
– David Colombo (@david_colombo_) January 12, 2022
Tesla runs a bug bounty program through Crowd of insects, a vulnerability disclosure platform where security researchers can present potential problems with products and services. The company is offering up to $ 15,000 for a qualified vulnerability.
Don’t miss out on the knowledge you need to be successful. Sign up for the daily letter, Silicon Republic’s roundup of necessary science and technology news.