Fifty self-driving cars converged on San Francisco’s longest dead-end street in July 2025, creating what tech prankster Riley Walz dubbed the “world’s first Waymo DDoS.” The 23-year-old software engineer coordinated simultaneous ride requests through the app, sending an entire fleet of Jaguar I-Pace robotaxis to the same impossible destination.
While participants never entered the vehicles, the stunt exposed vulnerabilities in autonomous vehicle transportation that feel ripped from dystopian fiction. You’re looking at a real-world stress test that revealed how digital coordination can disrupt physical infrastructure in ways traditional cybersecurity never anticipated.
The Technical Execution
Walz organized exactly 50 people to request rides to the same dead-end location simultaneously. The Waymo vehicles dutifully arrived, creating a bizarre traffic jam of empty cars waiting for passengers who never came.
None of the conspirators entered their assigned vehicles, treating the exercise as a stress test rather than actual transportation. The cars remained idle for approximately ten minutes before automatically departing, each charging the standard $5 no-show fee to the pranksters who summoned them.
Fleet-Level Countermeasures
The company’s reaction proved more interesting than the prank itself. Within hours, Waymo temporarily disabled all ride requests within a two-block radius until the following morning, demonstrating fleet-level geofencing controls that can quarantine entire neighborhoods.
This rapid countermeasure suggests the company anticipated coordinated system abuse, even if they didn’t expect it to manifest as physical traffic jams. Waymo characterized the incident as helpful for refining service protocols in complex urban environments, according to Road and Track.
Smart City Vulnerability Preview
This wasn’t traditional cybersecurity exploitation—no servers crashed, no data was stolen. Instead, Walz weaponized normal app functionality to create physical-world chaos, illustrating how smart city infrastructure becomes vulnerable to coordinated misuse.
You’re witnessing the early stages of a new attack vector where digital coordination can disrupt physical space. The same vulnerabilities exist across ride-hailing, food delivery, and eventually any on-demand service that moves objects through urban space.
The incident follows Walz’s previous SF parking citation tracking app, which city officials quickly neutralized after media attention. Public response split between amusement and genuine concern about autonomous vehicle readiness for widespread deployment, according to Hoodline reporting.
This stress test revealed both system weaknesses and robust response capabilities—but it also previewed the regulatory challenges cities face when transportation becomes programmable.
