How A Hacker Gained Control Of The Entire Tesla Fleet And Could Move The Cars At His Command

As cars become increasingly connected, there is a dire need for ensuring that they are secured over the network. Results, otherwise, could be dramatic in some cases. A new report now gives us a glimpse of the same.

As per a report by Electrek, a hacker was able to access US EV major Tesla¡¯s server a few years back. Exploiting the vulnerabilities in the security system at the time, the hacker gained control over Tesla¡¯s entire fleet. Thankfully though, this hacker was a good guy and did not mean harm.

The report highlights a hack in 2017 carried out by a guy named Jason Hughes. As per the report, Hughes was already known in the Tesla community at the time, with the alias WK057 on Tesla forums.

At the time, Hughes was building off-grid energy storage systems and electric conversion kits by using parts from salvaged Tesla vehicles. In addition, he was also an early member of a group of Tesla owners called the Tesla ¡°root access¡± community. The group focused on hacking their own Tesla cars to unlock unreleased features on the cars.

Hughes also used his experience with Tesla vehicles for Tesla bug bounty programs. This refers to a practice of ethical hacking wherein tech majors reward hackers who expose a security loophole in their systems.

The initial bug hunt

(Representative Image: Tesla)

The network-wide hack by Hughes took place when Tesla started releasing more data about Supercharger stations for its customers. Through this, Tesla owners could see how many chargers were available at any time at a specific charging station.

It was this data that Hughes managed to extrapolate. He found a loophole in the server-side of the mechanism that allowed him to ¡°basically get data for every Supercharger worldwide about once every few minutes,¡± Hughes told Electrek.

Upon having access to the data, Hughes shared it on the Tesla Motors Club forum. A Tesla employee responded to the post, saying that the company didn¡¯t want the data to be public.

Hughes then discussed the security vulnerability on a conference call ¡°with the head of the Supercharger network and the head of software security at Tesla.¡± He later received a $5,000 reward on reporting the Supercharger data vulnerability through Tesla¡¯s bug bounty program.

The big catch

(Representative Image: Tesla)

Having experienced the bugs on Tesla servers, Hughes decided to further his search for such loopholes on the Tesla network. He was soon able to find what he was looking for.

Hughes realised that a few of the bugs could be chained together, known as a bug chain, that would give him more access to the Tesla network. ¡°Eventually, I managed to access a sort of repository of server images on their network, one of which was ¡®Mothership¡¯,¡± he told Electrek.

Mothership is Tesla¡¯s home server that is used to communicate with its customer fleet. That means every information, including remote commands, from a Tesla car to Tesla servers goes through ¡°Mothership.¡±

Using the VPN connection of his own car, Hughes was soon able to land on a developer network connection. That¡¯s when he found a bug in the Mothership that allowed him to pose as any other car in the Tesla network.

To authenticate his commands as those from any other car, Hughes just needed that car¡¯s VIN number. Since he had access to all the VIN numbers through Tesla¡¯s ¡°Tesladex¡± database, he could practically get information about any Tesla car and even send commands to those cars.

In short, Hughes could control any Tesla car in the fleet.

When Hughes reported the bug to Tesla¡¯s head of software security, Tesla awarded him a special $50,000 bug report reward. The report mentions the amount to be ¡°several times higher than the max official bug reward limit:¡±

The entire bug chain was soon fixed after the report. Since then, Tesla has come a long way with its cyber security, just as it keeps on bringing new autonomous features to its vehicles. These features require an end-to-end protection of information transfer or we can be seeing something very close to what we have only seen in movies so far - a complete anarchy on roads caused by driverless cars.