Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Teen hacker claims to gain remote access to 25 Teslas in 13 countries

‘And yes, I also could remotely rick roll the affected owners by playing Rick Astley on Youtube in their Tesla‘s’, says the 19-year-old

Justin Vallejo
New York
Wednesday 12 January 2022 14:25 EST
Comments
This parody of a conversation between Elon Musk and Bernie Sanders is so well made you'll think it's real

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A 19-year-old security researcher from Germany claims to have remote access to more than 25 Tesla cars in 13 countries.

David Colombo, who has previously claimed to have found vulnerabilities in the US Department of Defence, said in a Twitter thread that a software flaw gave him remote command of the cars without the owners’ knowledge.

While not giving full remote control access to drive the car, Mr Colombo says he could disable security systems, open doors and windows, start the engine, flashlights, play music and "remotely rick roll the affected owners by playing Rick Astley on Youtube in their Teslas".

He said the vulnerability was the "fault" of the owner and not in Tesla’s infrastructure, adding that he could see if a driver is in the car and could identify its exact location.

"It’s primarily the owners (& a third party) fault," Mr Colombo told Bloomberg News.

Tesla did not respond to The Independent’s request for comment, but Mr Colombo said the company’s security team confirmed to him they are investigating the vulnerability.

"I think it‘s pretty dangerous, if someone is able to remotely blast music on full volume or open the windows/doors while you are on the highway," Mr Colombo said in a tweet.

"Even flashing the lights non-stop can potentially have some (dangerous) impact on other drivers."

The claims went viral online with more than 6,000 likes, but the details of the vulnerabilities have not been made public.

Tesla has a bug bounty program for researchers that can hack the car’s systems or identify vulnerabilities, with that rewards reportedly ranging from a free Model 3 to as much as $15,000.

Mr Colombo did not respond to questions about his claims by the time of publication.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in