Modern cars are more like computers on wheels, so it’s no wonder hackers are trying to break into them. Some with ulterior motives, some on the contrary want to help detect security flaws. This includes 19-year-old ethical hacker David Colombo. He claims to have crashed into more than 25 Tesla cars in 13 different countries and can remotely open doors, windows, start a car (meaning allow someone to sit in the driver’s seat) or deactivate the car’s safety systems (Sentry Mode) and find out the exact position of the car. He can also turn on the radio out loud, which he considers dangerous if he does so while driving (especially at high speeds). He can’t drive cars remotely, but he could come to them, unlock them and leave.
Colombo has not released more details about the hack and claims that this is not a bug in Tesla’s software or its infrastructure. And here it gets a little more tangled. The young hacker says that this is a user error, which would rather suggest that he got their login details to the car application or something similar. On the other hand, he is already solving the problem with Tesla herself and the CVE code has also been reserved for him. It will be interesting to follow further developments and find out what the problem is and on whose side it is.
So, I now have full remote control of over 20 Tesla’s in 10 countries and there seems to be no way to find the owners and report it to them…
— David Colombo (@david_colombo_) January 10, 2022