David Colomb, a 19-year-old cybersecurity specialist, announced on Twitter that he had found a flaw in the Tesla infrastructure. By exploiting the latter, he managed to hack 25 of them, in more than ten different countries. He can thus control them remotely, for example by activating the headlights or the radio.
If for many, Tesla revolutionized the automotive industry, Elon Musk’s firm did so at the cost of safety. By offering its infotainment system, the latter opened the way for hackers to a completely different category of hacking. Indeed, like any other electronic system, vehicles are prone to security breaches, some of which pose a high risk. This is how it was, for a time, possible to steal a Model X in just 90 seconds, or even access certain confidential data via Powerall batteries.
A young, self-proclaimed cybersecurity specialist, meanwhile, has raised the bar to a whole new level. On Twitter, David Colombo claims to have currently full control over 25 Tesla cars, located in 13 different countries. He can thus, remotely, “deactivate Sentinel mode, open the doors and windows and even start the car without the keys”. To do this, he detected a flaw in the firmware of the vehicles, without giving further details.
At just 19, he controls 25 Tesla remotely
Indeed, David Colombo specifies that he does not want to expose the method used before Tesla solves the problem, in order not to give ideas to malicious individuals. “That’s why I’d like to get everything sorted out before I post specific details on what exactly it is”, he wrote. We can understand it. This flaw seems to give him considerable power over cars, allowing him to turn on the headlights and use the speakers.
Related: Tesla Mobilizes Fans for the Right to Sell More Cars in NYC
“I think it’s pretty dangerous, if someone is able to remotely stream music at full volume or open windows/doors while you’re on the highway. Even flashing the lights non-stop can potentially have a (dangerous) impact on other drivers. » Yesterday Tesla responded to his pleas and finally fixed the vulnerability.