A group of hackers found a serious vulnerability in a Tesla car.
This is the first time that a car brand participates in the Hacker Pwn2Own competition, organized by Trend Micros Zero Day Initiative.Tesla led the event to Model 3, sohackerscould find vulnerabilities in the vehicles system.
The Fluoroacetato team, formed by Richard Zhu and Amat Cam, accepted the challenge.The pair entered the Tesla Model 3 and, after a few minutes, managed tohacktheInternetbrowser.The two managed to display a message via a JIT (just-in-time) bug, which went through the data randomization memory system which supposedly would protect the car.
The efforts of Zhu and Cam earned them a monetary prize and the title of Master of Pwn of 2019, but, following the rules of the event, also gained the Model 3 that they managed to pirate.
Companies that participated in Pwn2Own received the details of the bugs exposed at the event and have 90 days to launch thesecuritypatchesthat correct the vulnerabilities.The Tesla team, for example, was pleased with the results of the competition: We entered with Model 3 in the world-famous Pwn2Own competition with the goal of involving the most talented members of the security research community and having exactly this type of feedback, it said in a statement.The company added that the software update to fix the bug will be released in the coming days.
Tesla has offered a reward program for bugs found in its electric vehicles over the past four years, and according to sources close to the company, hundreds of thousands of dollars have been paid to security researchers who reported vulnerabilities.The Fluoroacetate team is just one of many that are helping to increase the safety of Teslas electric vehicles by identifying bugs before malicious hackers exploit them for criminal activity.