UA glitch in the software allowed 19-year-old David Colombo to remotely control more than 25 Tesla cars in 13 different countries – managing to not only remotely start them but also spy on their drivers.
David Colombo lives in Germany and shared on Twitter what he managed to do, blaming the car owners for the vulnerability of the system and not the company founded by Elon Musk.
According to the Daily Mail, this flaw allowed David to unlock doors and windows, start cars without keys, disable security systems and use the vehicles’ internal cameras.
The young hacker told British newspaper DailyMail that “it’s not a vulnerability in Tesla’s infrastructure, it’s caused by the owners,” he said, further confirming that it is third-party software that is faulty.
“I’m in contact with Tesla’s product safety team,” he says, so that owners are notified of the defect and have it fixed.
So, I now have full remote control of over 20 Tesla’s in 10 countries and there seems to be no way to find the owners and report it to them…
– David Colombo (@david_colombo_) January 10, 2022
“I can look up the exact location [do carro], see if a conductor is present, and so on. The list is long. And yes, I could also remotely fool affected owners by playing Rick Astley on Youtube on his Tesla,” adds the hacker.
At issue is how the software stores the Tesla owner information needed to link cars to the program.