Portuguese 
English 
Spanish 
3 min of reading 
A young hacker at the age of 19 was able to find a flaw in a Tesla electric car system. The young man could open doors and even monitor cameras of 25 vehicles in 13 different countries
A flaw in the software of Tesla’s electric cars allowed young hacker David Colombo, 19, to take control of more than 25 cars from the brand in 13 different countries, enabling him not only to start them remotely but also to spy on their drivers. The hacker lives in Germany and shared on his Twitter what he was able to do.
Read Other Related News
Hacker Blames Tesla Owners for the Vulnerability
In the tweet, the young hacker blames the owners of the electric cars for the system vulnerability and not the car manufacturer Tesla, founded by Elon Musk. According to the Daily Mail, this flaw allowed David to unlock windows and doors, disable security systems, start the vehicles, and also use the internal cameras of Tesla models.
-
Better than Corolla? Used Arrizo 6 delivers luxury and turbo engine for the price of a compact
-
The BYD Tai S Ti7 bets on a boxy design and could become the top-of-the-line model in Brazil with 488 hp, over 70 kgfm of torque, 0 to 100 in 4.9 seconds, 5.1 meters in length, and a range exceeding 900 km.
-
‘All in one’: revolutionary engine comes to life with a 1.5-liter [engine] of up to 163 hp, two electric motors, and a compact hybrid system that promises to transform any electric car into a long-range hybrid
-
With a single-cylinder engine, the new Yamaha gets 80 km with 2 liters, delivers 12 hp at 8,000 rpm, features traction control, a 19% stiffer chassis, 267 mm brakes, and a 4.6-inch digital panel for around R$ 12,000.
The hacker told the British newspaper that it is not a vulnerability in the manufacturer’s infrastructure, but rather generated by the owners of the electric cars, confirming that it is a third-party software that is faulty.
David noted that he is contacting the car manufacturer’s product security team so that the vehicle owners are notified of the defect and it can be fixed.
Young Man Provides Details on What He Could Do with the Electric Cars
David says it was possible to check the exact location of Tesla electric cars, observe if a driver is present in the vehicle, and so on. The list is long, also having the possibility to remotely trick the owners of the affected vehicles by playing “Rick Astley” on their Tesla’s YouTube, for example.
Without revealing the reasons or details of the vulnerability, the hacker made it clear that he does not have the capability to intervene in the acceleration, steering, or braking of the electric cars. However, he reports that this could potentially happen.
On the 11th, the young man contacted the company, which stated it is investigating the case. It is worth noting that flaws like this can earn hackers up to US$ 15,000. Tesla maintains a reward program for those who discover errors in its systems through Bugcrowd, a vulnerability disclosure and reward platform.
Tesla Has Been Hacked Before
In 2020, a team of researchers from the Cosic group at KU Leuven University in Belgium managed to hack and steal a Tesla Model X in just two minutes. In the attack, the researchers exploited a vulnerability in the Bluetooth communication between the electronic key and its vehicle.
The necessary equipment was a new key and a Raspberry Pi, a motor control unit, which together cost US$ 200. Malicious agents had the ability to modify the old control unit to deceive the victim’s electronic key into believing it belonged to their vehicle. Then, it was just a matter of sending a malicious firmware update to the key via the BLE protocol.
Be the first to react!