A young hacker aged just 19 was able to find a flaw in a Tesla electric car system. The young man was able to open doors and even monitor cameras from 25 vehicles in 13 different countries
An error in the software of Tesla's electric cars allowed the young hacker David Colombo, 19 years old, to have control of more than 25 electric cars of the brand in 13 different countries, managing not only to start them remotely, but also to spy on their drivers. The hacker lives in Germany and shared on his Twitter what he managed to do.
Read other related news
Hacker blames Tesla owners for vulnerability
In the tweet, the young hacker blames electric car owners for the vulnerability of the system and not Tesla, founded by Elon Musk. According to the Daily Mail newspaper, this failure allowed David to unlock windows and doors, disable security systems, turn on vehicles and even use the internal cameras of Tesla models.
The hacker told the British newspaper that it is not a vulnerability in the automaker's infrastructure, but generated by the owners of electric cars, confirming that it is third-party software that is defective.
- New Yamaha RX 180 2025: The triumphant return of a road legend!
- BE CAREFUL, more than 2 thousand km of highways will be privatized with free flow electronic tolls and those who do not pay may accumulate some 'points' in their wallet!
- Goodbye, combustion cars? Discover the 5 cheapest hybrid cars in Brazil: economy and technology at your fingertips!
- Love sedans? Check out 5 new releases that will arrive in Brazil in 2025 to oust the current favorites: SUVs
David highlighted that he is contacting the automaker's product safety team, so that vehicle owners are notified of the defect and that it is corrected.
Young man details what he could do with electric cars
David says it was possible to query the exact location of Tesla electric cars, see if a driver is present in the vehicle, and so on. The list is long, and you can also, remotely, deceive the owners of the affected vehicles by playing “Rick Astley” on Youtube from your Tesla, for example.
Without revealing the reasons or details of the vulnerability, the hacker made it clear that he does not have the ability to intervene in the acceleration, steering or brakes of electric cars. However, he reports that this could potentially happen.
On the 11th, the young man contacted the company, which said it was investigating the case. It is worth remembering that flaws like this can earn hackers up to US$ 15. Tesla maintains a bounty program for those who discover bugs in its systems through Bugcrowd, a bounty and vulnerability disclosure platform.
Tesla has been hacked before
In 2020, a team of researchers from the Cosic group at KU Leuven University in Belgium managed to hack and steal a Tesla Model X in just two minutes. In the attack, researchers exploited the vulnerability in the Bluetooth communication between the electronic key and your vehicle.
The equipment needed was a new key and a Raspberry Pi, an engine control unit, which together cost $200. Malicious actors had the ability to modify the old control unit to trick the victim's electronic key into believing it belonged to your vehicle. Then it was just a matter of sending a malicious firmware update to the key via the BLE protocol.