Nineteen-year-old hacker David Colombo recently claimed he has taken over more than 20 Tesla vehicles in several countries through the use of a software vulnerability called the "Teslamate.".
Based in Germany, Colombo shared what he considered an "achievement" on Twitter, saying it is not the Elon Musk-financed firm's fault, but of the Tesla vehicles' owners instead, a Mail Online report specified.
The flaw is said to have been discovered in the said third-party software that allowed the hacker to unlock the cars' doors and windows, start them without keys and deactivate security systems.
Access to Tesla's Internal Cameras
Colombo also tweeted the susceptibility allows him to use the internal cameras of Tesla to spy on the driver. In this media report, the teenager said it is not a vulnerability in the infrastructure of Tesla, yet caused by the owners of the car manufacturer and a third party.
As indicated in a similar The World News report, Colombo confirmed that third-party software is at fault. He explained, he's "in contact with the Tesla Product Security Team," and the third-party maintainer to coordinate disclosure and notify the affected owners as well, as alleviation or patch for the susceptibility rolled out.
The issue with the Teslamate software is how it stores the vehicle owner's information that's needed to link the car to the program.
In the thread of tweets, the hacker stated he could unlock the doors remotely and begin to drive the Tesla.
Nonetheless, he continued, he cannot intervene with a person driving "other than starting music" at maximum volume or flashing lights.
Guesses on Twitter
Even though this teenage hacker has not given the software's details, users of Twitter have made their guesses. One Tweet said, Tesla owners used an "open-source project called Teslamate" and then had it configured incorrectly so that anyone could have remote access to it.
Essentially, Teslamate is a self-hosted data logger. It is also a visualization tool for a person's Tesla. Tyler Corsair posted numerous updates from similar third-party software firms, like TezLab, TeslaTip, and TeslaFi, among others, claiming they had seen Tesla accounts disconnect from the service, all of which was because of Colombo penetrating the systems.
Many third-party services have been affected by this recent issue with Tesla in different ways. For the majority, just reconnecting their Tesla Account will resolve the issue.
He continued explaining in another Twitter post that the warning of Colombo is not as dramatic as it may appear. Specifically, he tweeted, the security researcher @david_colombo seems to be "over-hyping" the seriousness of the issue to gain followers. He, therefore, recommended, "pretty safe to disregard the thread."
Colombo's Claim
In response to what Corsair tweeted, Colombo said he does not think he is trying to make the issue look worse as it is. However, he said he completely understands that there is a lot of hype and speculation surrounding the issue because of the limited details he can provide the public at this point in the revelation.
He continued explaining that if it were not an issue, there would be no investigation by the Tesla Security team. He also maintained, if his reports to the involved parties would not have some seriousness, then perhaps, the Tesla Security Team would investigate such an issue.
Report about Colombo taking control of Tesla cars through third-party software is shown on Inside Stories' YouTube video below:
RELATED ARTICLE : Driverless Tesla Car Crashes in Texas; What Went Wrong?
Check out more news and information on Tesla in Science Times.