A hacker from Germany has claimed to have found a way to take control of more than 25 Tesla cars in 13 countries around the world.
David Columbo is a self-described IT security specialist and hacker who made the claim on Monday 10 January. The 19-year-old hacker said on Twitter that he can disable the sentry mode protection on these EVs, open windows and doors, control the music, the vehicle lights and start keyless driving.
While he doesn’t have full control of the Tesla vehicles, Columbo said the list of things he can do is “pretty long”. He can also query the exact location of the vehicle and see if a driver is present.
“I think it‘s pretty dangerous, if someone is able to remotely blast music on full volume or open the windows/doors while you are on the highway. Even flashing the lights non-stop can potentially have some (dangerous) impact on other drivers.” Columbo added.
The teen hacker said this is not a flaw in Tesla’s infrastructure and is the fault of the owners of the vehicles, but he has not found a way to contact them about this issue. He added that he wants to “get this all fixed” before he releases specific details on how he took control of these vehicles.
Columbo said Tesla’s security team have confirmed they are investigating the issue and a Common Vulnerabilities and Exposures (CVE) security team from Mitre have “reserved a CVE” for this issue.
TezLab, the companion app for Tesla EVs, said on its Twitter page this morning (12 January) that thousands of authentication tokens simultaneously expired and that many TezLab members will need to sign in again to re-establish connection to their vehicles. Columbo shared this statement and said: “I apologise for the inconvenience.”
I apologize for the inconvenience https://t.co/H7ZmalGvtB
— David Colombo (@david_colombo_) January 12, 2022
Tesla runs a bug bounty program through BugCrowd, a vulnerability disclosure platform where security researchers can submit their own vehicles for security testing. The company offers up to $15,000 for a qualifying vulnerability.
Last August the US National Highway Traffic Safety Administration said 11 Tesla vehicles have crashed into emergency vehicles over the last three years while using some form of assisted driving.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
The post Teen hacker claims to have control of 25 Tesla vehicles worldwide appeared first on Silicon Republic.