German teen claims he found a way to hack over 25 Tesla cars in 13 countries

By Alma Fabiani

Published Jan 15, 2022 at 08:57 AM

Reading time: 2 minutes

26396

On Tuesday 11 January, 19-year-old David Colombo, a self-described “information technology security specialist and hacker,” wrote on Twitter that he had found flaws in a piece of third-party software used by a relatively small number of owners of Tesla cars, meaning that hackers could remotely control some of the vehicles’ functions.

According to Colombo, the flaws gave him the ability to unlock doors and windows, start the cars without keys and even disable their security systems. He also claimed that he could see if a driver is present in the car, turn on the vehicles’ stereo sound systems and flash their headlights.

In other words, hacking into the third-party software in question offered him the chance to control pretty much what he wants in most Tesla cars. Considering the fact that a Massachusetts Institute of Technology (MIT) study confirmed that Tesla’s autopilot is unsafe back in September 2021, this potential addition to the infamous cars’ list of dangers came as yet another blow to Elon Musk’s company.

In an interview with Bloomberg, Colombo provided screenshots and other documentation of his research that identified the maker of the software and gave more details on the vulnerabilities it presents. He asked that the publication not publish specifics however, because the affected company had not published a fix at the time of writing. On Twitter, Colombo added that he could access more than 25 Teslas in at least 13 countries, which is why he decided to share this information on the social media platform when he wasn’t able to contact most of the owners directly.

‘So what’s wrong exactly?’ some of you might be wondering. According to what Colombo told Bloomberg, “the problem involves an insecure way the software stores sensitive information that’s needed to link the cars to the program.” While it truly depends on who can access such information, in the wrong hands, it could be stolen and repurposed by hackers to send malicious commands to the cars, he continued to explain. He even showed Bloomberg screenshots of a private conversation he had on Twitter with one of the affected owners, who allowed him to remotely honk his car’s horn.

Since then, Colombo has been in touch with members of Tesla’s security team as well as with the maker of the third-party software. Tesla has a “bug bounty” programme where cybersecurity researchers can report vulnerabilities in the company’s products and, if validated, receive payment.

This latest discovery goes to show some of the remaining risks of moving to the so-called ‘Internet of Things’, where everything is connected online—thus becoming potentially vulnerable to hacking threats. “Just don’t connect critical stuff to the internet,” Colombo advised. “It’s very simple. And if you have to, then make sure it is set up securely.”

Keep On Reading

By Eliza Frost

The Summer I Turned Pretty stars Lola Tung and Gavin Casalegno caught in political drama

By Charlie Sawyer

This Oscar-winning actor is the top pick to play Voldemort in HBO Max Harry Potter reboot

By Charlie Sawyer

Who is Zohran Mamdani, the staunch socialist primed to become New York’s first Muslim mayor?

By Abby Amoakuh

I sat down with two professional matchmakers to solve Gen Z’s dating fatigue

By Eliza Frost

Why is Taylor not Team Conrad in The Summer I Turned Pretty?

By Charlie Sawyer

Brooklyn Beckham and Nicola Peltz Beckham hire a lawyer to battle misinformation amid growing family rift

By Charlie Sawyer

McDonald’s hit with new mass boycott. Here’s who’s behind it and why

By Charlie Sawyer

Here’s why the internet is convinced that Trisha Paytas’ third baby will be the reincarnation of Pope Francis

By Fatou Ferraro Mboup

Celebrities call out Blue Origin for sending Katy Perry and Lauren Sánchez to space

By Charlie Sawyer

Sabrina Carpenter accused of centering men on controversial album cover

By Charlie Sawyer

Wednesday star Jenna Ortega reveals surprising dream role in recent interview

By Abby Amoakuh

Francesca Farago reveals that influencers are being paid to participate in trend mocking Hailey Bieber

By Abby Amoakuh

Only at Coachella can you be caught saying the N-word and still perform without question

By Eliza Frost

What is the Gen Z stare, and why are millennials on TikTok so bothered by it?

By Eliza Frost

We finally know why Conrad and Belly broke up in The Summer I Turned Pretty season 2

By Charlie Sawyer

Chappell Roan cancelled yet again for saying she can’t be expected to be politically educated all the time

By Eliza Frost

How exactly is the UK government’s Online Safety Act keeping young people safe? 

By Julie Huynh

Hockey fan edits are taking over TikTok, and it’s all thanks to Gen Z girlies

By Charlie Sawyer

Harry Potter TV series crew bewildered over production’s strange decision on location to film iconic scene

By Charlie Sawyer

Transformers director Michael Bay officially confirmed to direct movie about viral Skibidi Toilet meme