We all wish we were world-class hackers and trackers with the power to scare the heavyweight conglomerates, tech-giants and big-budget billionaires, right? Oh, what it feels like to be modern vigilantes, save the day Robin Hood-style, stay up to date and be on the ground—all the while catching bad guys in the sky. Recently, it seems that Jack Sweeney has cracked the code to such heroism with his latest quest to hunt down Russian tycoons. Following on from his previous noble efforts to track down Elon Musk’s private jet, Sweeney is now chasing after Russian billionaires as they find themselves in hot water over the country’s invasion of Ukraine.

https://twitter.com/ElonJet/status/1498364944441647108

https://twitter.com/ElonJet/status/1483587836053909504

Catapulted into notoriety for his scandalous uncovering of Musk’s private jet movements—through @ElonJet, the most successful of his many Twitter accounts tracking other powerful people around the world—it looks like Sweeney has found bigger fish to fry in the form of sickeningly wealthy Russians. Following the flight patterns of many major moguls, the Twitter account has amassed over 300,000 followers eager to also know the location of one of the world’s most controversial public figures. Now, the college freshman student at the University of Central Florida, is on the aviation hunt for Russia’s richest.

Other names on Sweeney’s hit list include our favourite Jeff Bezos and Bill Gates. Sweeney also has his sights on Donald Trump’s whereabouts. Wonder where that’ll take him…

https://twitter.com/JxckSweeney/status/1497741460631785472

Switching out Musk for a more Eurasian flavour, Sweeney set up @RUOligarchJets in February 2022. Bloomberg, covering the story, also noted the popularity of accounts like @ElonJet with Colby Howard, the president of Paragon Intel—a corporate aviation intelligence provider—and its popular product JetTrack. In an interview with the outlet, Sweeney’s Twitter accounts were cited as the “People Magazine version” of corporate aviation intelligence, making it all the more clear why the same hype has extended to his search for Russian oligarchs.

https://twitter.com/RUOligarchJets/status/1497739735753658371

Tracking the wealthy’s aircrafts, @RUOligarchJets shadows everything from jets and helicopters to private planes and commercial-sized aeroplanes, including those owned by the real high-flyer clients Vladimir Potanin—who’s Russia’s richest resident, by the way—Roman Abramovich, the owner of Chelsea FC who recently had to hand over the stewardship of his club and Alexander Abramov, a steel billionaire.

https://twitter.com/RUOligarchJets/status/1498618648147202053

While those of us on the ground are fascinated by the prospect of knowing the whereabouts of jet-owning billionaires, Howard noted that it doesn’t include contextualising the purpose of the said flights, the nitty gritty details would need to come from intelligence officers and investors.

Speaking to Bloomberg, Sweeney stated that he originally started the accounts because of requests he had received from fans to track their aircrafts. Information gathered from Radar Spots, a blog that has compiled a list of planes being tracked, easily allowed the teen to set up yet another Twitter trace account. And it paid off—@RUOligarchJets has already reached over 100,000 followers in just a few days.

“The aircrafts these oligarchs have are absolutely crazy,” Sweeney told Bloomberg, noting that Russia’s richest people were travelling on commercial-sized flights like an Airbus A319 and Boeing 737. “Their planes are huge compared to other jets.”

“People are obsessed with wealth more than ever. It’s almost a form of paparazzi, that’s why this is popular,” Howard told the outlet.

Speaking to NBC, Sweeney explained future plans by stating: “People have been asking me about Putin for a while, they wanted to know if they could track him. It’s just been crazy. I just figured some people would be interested in it. I just didn’t think all kinds of people would be.”

“One jet flying through Miami holding who knows who doesn’t mean anything. It doesn’t tell you what information matters and what context you need to make a decision,” Howard concluded. Nevertheless, Sweeney’s obsession with Musk has resulted in official merchandise of the billionaire smoking weed to fund his project. If that ain’t self-made success, I don’t know what is.

On Tuesday 11 January, 19-year-old David Colombo, a self-described “information technology security specialist and hacker,” wrote on Twitter that he had found flaws in a piece of third-party software used by a relatively small number of owners of Tesla cars, meaning that hackers could remotely control some of the vehicles’ functions.

So, I now have full remote control of over 20 Tesla’s in 10 countries and there seems to be no way to find the owners and report it to them…

— David Colombo (@david_colombo_) January 10, 2022

According to Colombo, the flaws gave him the ability to unlock doors and windows, start the cars without keys and even disable their security systems. He also claimed that he could see if a driver is present in the car, turn on the vehicles’ stereo sound systems and flash their headlights.

In other words, hacking into the third-party software in question offered him the chance to control pretty much what he wants in most Tesla cars. Considering the fact that a Massachusetts Institute of Technology (MIT) study confirmed that Tesla’s autopilot is unsafe back in September 2021, this potential addition to the infamous cars’ list of dangers came as yet another blow to Elon Musk’s company.

In an interview with Bloomberg, Colombo provided screenshots and other documentation of his research that identified the maker of the software and gave more details on the vulnerabilities it presents. He asked that the publication not publish specifics however, because the affected company had not published a fix at the time of writing. On Twitter, Colombo added that he could access more than 25 Teslas in at least 13 countries, which is why he decided to share this information on the social media platform when he wasn’t able to contact most of the owners directly.

Nevertheless I now can remotely run commands on 25+ Tesla‘s in 13 countries without the owners knowledge.

Regarding what I‘m able to do with these Tesla‘s now.
This includes disabling Sentry Mode, opening the doors/windows and even starting Keyless Driving.

[2/X]

— David Colombo (@david_colombo_) January 11, 2022

‘So what’s wrong exactly?’ some of you might be wondering. According to what Colombo told Bloomberg, “the problem involves an insecure way the software stores sensitive information that’s needed to link the cars to the program.” While it truly depends on who can access such information, in the wrong hands, it could be stolen and repurposed by hackers to send malicious commands to the cars, he continued to explain. He even showed Bloomberg screenshots of a private conversation he had on Twitter with one of the affected owners, who allowed him to remotely honk his car’s horn.

Since then, Colombo has been in touch with members of Tesla’s security team as well as with the maker of the third-party software. Tesla has a “bug bounty” programme where cybersecurity researchers can report vulnerabilities in the company’s products and, if validated, receive payment.

Addition as of 11. Jan 22:33 (CET)

Tesla‘s Security Team just confirmed to me they’re investigating and will get back to me with updates as soon as they have them.

[8/8]

— David Colombo (@david_colombo_) January 11, 2022

This latest discovery goes to show some of the remaining risks of moving to the so-called ‘Internet of Things’, where everything is connected online—thus becoming potentially vulnerable to hacking threats. “Just don’t connect critical stuff to the internet,” Colombo advised. “It’s very simple. And if you have to, then make sure it is set up securely.”