[imagesource: Reuters]

A German teenager is making a name for himself in the cybersecurity world by taking advantage of some of Tesla’s weak points.

The 19-year-old security expert claims that he managed to hack into 25 Teslas in 13 countries.

Through the hack, the teen said he was able to remotely open the doors and windows, turn on some music, flash the headlights, and even start the engines.

Luckily, the hack didn’t allow him to drive the car remotely (just start it).

David Colombo is the name:

Image: David Colombo.net

You can bet that Elon Musk is totally shvitzing right now.

Eight years after Chinese hackers were able to activate the horn, headlights, and door locks of a Tesla Model S, there are clearly still some serious vulnerabilities for the electric vehicle giants.

Colombo addressed the whole hacking problem on Twitter, with a 10-part thread:

So, I now have full remote control of over 20 Tesla’s in 10 countries and there seems to be no way to find the owners and report it to them…

— David Colombo (@david_colombo_) January 10, 2022

Besides being able to distract the driver into a potentially dangerous situation, the bug also allowed Colombo to track the car’s location at all times, and even change its destination if the vehicle was driving itself.

Yikes.

Although, Colombo was kind enough to mention that the bug was also due to faults by the car owners themselves without giving any more details away.

Tesla was quick to zone in, with a security team investigating the matter, reported Colombo and The Telegraph:

Tesla allows third-party apps to access data about their cars, which experts suggested may be the source of the vulnerability. Tesla reset several thousand “tokens”, which match an app user to a car, on Tuesday, according to one app.

Tyler Corsair, the founder of Teslascope, an app that gives owners analytics about their cars, said the bug was likely to be related to a small number of people operating their own version of a separate analytics program called Teslamate.

Mr Colombo said he had alerted Tesla to the problem and was trying to locate the individual owners affected.

The New York Post reported that Colombo ha s been coding from the age of 10, and according to his LinkedIn profile, his company’s goal is to “help every business to get protected from the ever-evolving and dangerous threat actors in the cyberspace”.

Perhaps Musk should hire Colombo and get this whole thing sorted in one shot.

[sources:telegraph&newyorkpost]