Two days ago, on January 10, 19-year-old David Colombo from Germany tweeted that he was able to gain freelance access to 25 Tesla vehicles in 13 countries around the world. The young hacker clarified that he gained access to certain functions of the car solely due to the fact that the owners of these vehicles use third-party services and API keys, the vulnerabilities of which the attacker exploited. The user himself emphasized that vulnerabilities in Tesla’s infrastructure were not used to gain remote access to cars.
Judging by the message of the hacker on the social network, he can remotely disable the Sentry mode (video surveillance mode inside the car), unlock the doors of the vehicle or open the windows, and also start the car without a key – and all this happens without the knowledge of the owner of the electric car, since he do not get. Theoretically, these functions would allow intruders to gain access to the personal belongings of the owner of the car, as well as to the vehicle itself, since all the necessary opportunities for theft are available – the hacker could even see the location of the car on the map.
So, I now have full remote control of over 20 Tesla’s in 10 countries and there seems to be no way to find the owners and report it to them…
– David Colombo (@david_colombo_) January 10, 2022
However, the user noted that he was not going to use these opportunities for evil – instead, he actively tried to contact the owners of vehicles, which he, in fact, hacked into, in order to tell them how to better protect their cars from hackers. And although plans to find owners were unsuccessful, Colombo has already announced that Tesla has contacted him to eliminate the vulnerability and inform motorists about it during the cooperation. One can only hope that the security hole will be closed, and the hacker will receive an appropriate reward for the bug found.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.
