Teen hacker gains remote control of over 20 Teslas

Daniel Sims

Daniel Sims

Posts: 396   +17
Staff
Facepalm: This week, a teenager reported that he has gained remote access to around two dozen Tesla cars in multiple countries and is trying to contact their owners. The list of things he can do to the affected vehicles is long and dangerous.

Nineteen-year-old IT security specialist David Columbo reported in a Twitter thread Monday and Tuesday that he gained complete control of over 25 Teslas in 13 countries without their owners knowing. He doesnā€™t want to disclose exactly how he did it until he reports the vulnerability to the non-profit Mitre. However, Columbo did say it was due to errors on the ownersā€™ part, not a security flaw in Teslaā€™s software.

Columbo said he could search the precise location of each car, disable their security, open their doors and windows even while theyā€™re on the road, play music and YouTube videos at full volume, and more. While Columbo canā€™t remotely drive the cars, he could steal them if he were at their physical locations. Teslaā€™s security team has already told Columbo theyā€™re looking into it.

Even though Columbo says this isn't Tesla's fault, it could still be a PR issue for the company, painting the cars as ever more vulnerable in consumers' minds. Near the end of last year, Tesla recalled a significant number of vehicles sold in the US over trunk lid problems. This incident could also affect the development of Tesla's self-driving mode, which is still in beta.

Permalink to story.

https://www.techspot.com/news/92971-teen-hacker-gains-remote-control-over-20-teslas.html

 
scavengerspc

scavengerspc

Posts: 2,351   +2,466
TechSpot Elite
Dimitriid said:
Time for me to be inflammatory again but the kind of person that buys a Tesla seems to me to also be the exact kind of person who sets his password as "password" without giving it a second thought and then buys and NFT monkey.
Click to expand...
I can agree with that. You aren't going to see many failures buying either.
 
YouShallNotPass

YouShallNotPass

Posts: 26   +63
If he can play custom YouTube on the car, he obviously can contact the owner by video. He is either not very smart or just trying to get famous by going public.
 
Morphine Child

Morphine Child

Posts: 122   +202
Soon we will have cars with day one patches, DLCs and whatnot. And a few teen hackers remotely driving their annoying and rich grandparents into a river with locked doors... oh the possibilities.
 
  • Like
Reactions: wizardB and terzaerian
J

JamesBlond

Posts: 171   +120
I take it nobody thinks its a plan...... why is there law against creating 2048bit encryption apps and hardware combo's ...?? Maybe because if its too hard for the FBI to hack your car its not good for them..???
 
  • Like
Reactions: beardrinksbeer
C

ChrisH1

Posts: 190   +89
Dimitriid said:
Time for me to be inflammatory again but the kind of person that buys a Tesla seems to me to also be the exact kind of person who sets his password as "password" without giving it a second thought and then buys and NFT monkey.
Click to expand...
A generalization. I bought a Tesla, and have never set my password to 'password' or anything like it (I.e. easy to guess) in my entire life.
 
T

Theinsanegamer

Posts: 3,317   +5,508
See...this is why I love my 30 year old truck. Cant hack a computer if it doesnt exist (or in my case, uses a 6 it cut down 8086).
Dimitriid said:
Time for me to be inflammatory again but the kind of person that buys a Tesla seems to me to also be the exact kind of person who sets his password as "password" without giving it a second thought and then buys and NFT monkey.
Click to expand...
I imagine the people who buy most teslas are the same ones that buy the newest, highest end iphone every year and subsribe to every streaming service rather then buy something they want.

model 3s are cheap enough though you see people who only buy the newest, highest end iphone every 2 years.
 
  • Like
Reactions: wizardB
D

Dr Roboto

Posts: 17   +32
cliffordcooley said:
This is why you don't integrate infotainment with any vehicle controls. Vehicle controls needs to be isolated from all other systems.
Click to expand...
The hacker states that it not the fault of Telsa. I have to disagree. Why on earth would a person need to remotely access a lot of these features from the internet? Seriously, the security of a Telsa does not seem to be any stronger then the same password you use to login into TechSpot. You know the same passwords that people make too obvious (123456, etc.) or are stolen on a daily basis from company security breaches.

IMO, Telsa is so focused on being a cutting edge, game changing company that sometimes they just fail at basic common sense. A lot of times it works for them, but sometimes you have to look at it this way: "Just because you can, doesn't mean you should."

Now get off my lawn ;)
 
  • Like
Reactions: wiyosaya, terzaerian and cliffordcooley
netman

netman

Posts: 754   +317
This could be disastrous for Musk...! If the car parts are to blame, ALL the Teslas in the World need to be recalled...!
 
You must log in or register to reply here.

Similar threads

midian182
Investigators say the mastermind behind Lapsus$ hacking group is a UK teen who lives with...
Replies
12
Views
360
McMurdeR
M
midian182
Nintendo says thank you after hacker Gary Bowser is given 40-month sentence
2
Replies
28
Views
1K
ZedRM
ZedRM
Cal Jeffrey
Nearly half a million Teslas have been recalled in the US over trunk lid issues
Replies
5
Views
456
Faelan
F

Latest posts