Teen hacker claims to gain remote access to 25 Teslas in 13 countries

‘And yes, I also could remotely rick roll the affected owners by playing Rick Astley on Youtube in their Tesla‘s’, says the 19-year-old

Justin Vallejo
New York
Wednesday 12 January 2022 19:25
Comments
This parody of a conversation between Elon Musk and Bernie Sanders is so well made you'll think it's real
Leer en Español

A 19-year-old security researcher from Germany claims to have remote access to more than 25 Tesla cars in 13 countries.

David Colombo, who has previously claimed to have found vulnerabilities in the US Department of Defence, said in a Twitter thread that a software flaw gave him remote command of the cars without the owners’ knowledge.

While not giving full remote control access to drive the car, Mr Colombo says he could disable security systems, open doors and windows, start the engine, flashlights, play music and "remotely rick roll the affected owners by playing Rick Astley on Youtube in their Teslas".

He said the vulnerability was the "fault" of the owner and not in Tesla’s infrastructure, adding that he could see if a driver is in the car and could identify its exact location.

"It’s primarily the owners (& a third party) fault," Mr Colombo told Bloomberg News.

Tesla did not respond to The Independent’s request for comment, but Mr Colombo said the company’s security team confirmed to him they are investigating the vulnerability.

"I think it‘s pretty dangerous, if someone is able to remotely blast music on full volume or open the windows/doors while you are on the highway," Mr Colombo said in a tweet.

"Even flashing the lights non-stop can potentially have some (dangerous) impact on other drivers."

The claims went viral online with more than 6,000 likes, but the details of the vulnerabilities have not been made public.

Tesla has a bug bounty program for researchers that can hack the car’s systems or identify vulnerabilities, with that rewards reportedly ranging from a free Model 3 to as much as $15,000.

Mr Colombo did not respond to questions about his claims by the time of publication.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in