The Exploit

Notes from the Front Lines of Penetration Testing

So, I Hacked a Tesla . . .

So, I Hacked a Tesla . . .

Written by

Adam Fernandez

Tesla deserves great credit for bringing electric vehicles into the mainstream. Say what you will about Elon Musk, his vision is proving wildly successful in a space where many others have failed.

Even so, if the two of us could have a conversation, I’d probably recommend that the company invest more time and resources in cybersecurity for its vehicles. 

Here’s why:

Recently I decided to see how easy it would be for my personal Tesla to be hacked — and stolen. As you will see in the video below, with some commonly used tactics, it was relatively quick and easy. 

The attack demonstrated in the video relies on phishing to get the victim’s credentials. At that point, the hacker has complete control and can do pretty much whatever they wish — including unlocking the car and driving away. 

The video demonstrates why, if you’re not careful, your Tesla could be compromised and stolen without a lot of effort from the attacker. 

Until the company itself adds more protection, it’s up to you to take some basic precautions. By the way, it’s wise to follow these practices no matter if it’s your Tesla, your bank account, your Twitter feed, or any online account.

  • Stay vigilant and question any WiFi network that asks you to connect.
  • Never give account information, credentials, or access tokens to a third party unless it is absolutely necessary.
  • Every account you create should have a unique and strong password. Every. Single. Account.
  • If your account is compromised, immediately reset your password and let the company or companies know.

Here at Raxis, we offer a broad range of services to help find security vulnerabilities within your organization. And though a typical penetration test would not uncover this type of vulnerability, a Raxis red team assessment could. 

Our red team assessments tests your organization’s security from top to bottom and end to end to uncover any way your network can be compromised by a skilled and determined attacker. If you are ready to take control of your company’s security, contact us and let us see how we can help. 

Written by

Adam Fernandez

Adam Fernandez joined Raxis in 2017 as a penetration tester and now serves as the Technical Director and Product Owner of Raxis One. His technical journey began early, creating software solutions even during his college years at Kennesaw State University, and he continues to excel at crafting intuitive user experiences to meet customer needs. While away from his desk, Adam enjoys exploring new technologies, playing board games with his family, and spending time with his White Swiss Shepherd, Holly.

Adam Fernandez
Adam Fernandez joined Raxis in 2017 as a penetration tester and now serves as the Technical Director and Product Owner of Raxis One. His technical journey began early, creating software solutions even during his college years at Kennesaw State University, and he continues to excel at crafting intuitive user experiences to meet customer needs. While away from his desk, Adam enjoys exploring new technologies, playing board games with his family, and spending time with his White Swiss Shepherd, Holly.

Posted on

Categories:

Also by Adam Fernandez
  • Cool Tools Series: NMAP for Penetration Tests
  • OWASP Top 10: The Bedrock of an Application Penetration Test
  • Adam Fernandez, Lead Developer
  • Realistically Assessing the Threat of Clickjacking Today: A Penetration Tester Perspective

Human Vs AI Pentesting

While AI tools offer speed in detecting known vulnerabilities, they fall short with 20-35% false positives and only 50-65% success on complex threats like business logic flaws, as per mainstream reports from Verizon and OWASP. Human penetration testers at Raxis deliver 85-90% detection rates, precise prioritization, and ethical adaptability, ensuring your organization stays ahead of real-world attacks.

Learn More

Partner With Raxis

Partnering with Raxis empowers your business with elite penetration testing services, competitive reseller pricing, and recurring revenue opportunities, all backed by a proven track record of excellence and a commitment to staying ahead of evolving cybersecurity threats.

Learn More

Penetration Testing

Tailored, expert-led penetration testing services that uncovers hidden vulnerabilities using real-world hacker techniques, providing actionable insights to strengthen your defenses and protect against sophisticated cyber threats.

Learn More

Read More From The Exploit

  • Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios

    Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios
    By Ryan Chaplin • August 26, 2025
    Read More
  • Choosing a Penetration Testing Company: Part 3

    Choosing a Penetration Testing Company: Part 3
    By Caroline Kelly • July 29, 2025
    Read More
  • Microsoft Releases Security Patch for Actively Exploited On-Premises SharePoint Vulnerabilities

    Microsoft Releases Security Patch for Actively Exploited On-Premises SharePoint Vulnerabilities
    By Jason Taylor • July 22, 2025
    Read More
  • Choosing a Penetration Testing Company: Part 2

    Choosing a Penetration Testing Company: Part 2
    By Brad Herring • July 1, 2025
    Read More

Ready to See Raxis One In Action?

See how we transform traditional pen testing into interactive security intelligence that keeps you informed every step of the way. From real-time attack progression to detailed remediation guidance, Raxis One gives you unprecedented visibility into your security posture as it’s being tested.

Schedule a Demo