Tesla car hacked at Pwn2Own contest

Tesla car hacked at Pwn2Own contest 1

[youtube https://www.youtube.com/watch?v=cO2ObIbGghw&w=500&h=282]

A team of security researchers has hacked a Tesla Model 3 car on the last day of the Pwn2Own 2019 hacking contest that was held this week in Vancouver, Canada.

Team Fluoroacetate –made up of Amat Cama and Richard Zhu– hacked the Tesla car via its browser. They used a JIT bug in the browser renderer process to execute code on the car’s firmware and show a message on its entertainment system.

As per contest rules announced last fall, the duo now gets to keep the car. Besides keeping the car, they also received a $35,000 reward.

“In the coming days we will release a software update that addresses this research,” a Tesla spokesperson told ZDNet today in regards to the Pwn2Own vulnerability. “We understand that this demonstration took an extraordinary amount of effort and skill, and we thank these researchers for their work to help us continue to ensure our cars are the most secure on the road today.”

Tesla car hackers also won competition

Not coincidentally, Team Fluoroacetate also won the three-day contest after earning 36 “Master of Pwn” points for successful exploits in Apple Safari, Firefox, Microsoft Edge, VMware Workstation, and Windows 10.

The duo earned $375,000 in prize money, of the total of $545,000 awarded during the whole three-day competition.

This is the second Pwn2Own hacking contest Team Fluoroacetate have won, after also ranking first and receiving the “Master of Pwn” trophy at the Pwn2Own Tokyo conference in November 2018.

What is Pwn2Own?

Pwn2Own, organized by Trend Micro’s Zero-Day Initiative team, is considered the top hacking contest for white-hat researchers in the information security (infosec) world.

Security researchers gather at Pwn2Own competitions and demonstrate exploits against a list of pre-defined targets (software). They earn points and money for each successful exploit. All vulnerabilities used in the hacking contest must be new, and they are immediately disclosed to the software vendors.

Over the past few years, many of the companies which had their apps hacked at Pwn2Own are now sponsoring the contest, and have engineers on-site to receive the vulnerability reports from the researchers themselves, sometimes delivering patches within hours.

This year, Mozilla patched Firefox a day after researchers demoed two exploits at Pwn2Own –see v66.0.1 changelog.

Besides Firefox and Tesla’s browser, at this year’s Pwn2Own researchers also exploited vulnerabilities in Apple Safari, Microsoft Edge, VMware Workstation, Oracle Virtualbox, and Windows 10

The video summary for Pwn2Own’s day three is at the top of this article, while summaries for the first two days are embedded below.

[youtube https://www.youtube.com/watch?v=lJbMBVyyEQA&w=500&h=282]

[youtube https://www.youtube.com/watch?v=It1ReJl3JJA&w=500&h=282]

More vulnerability reports:

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews

Crypto Scams

Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
April 23, 2022
Joon Pak Head of Crypto at Prove talks to Us about Crypto Fraud And More
April 11, 2022
Mintable CEO Zach Burks Talks to Us about the Opensea Stolen NFTs and Their Recovery
March 21, 2022
Crypto Crime
Crypto Crime Surges To Record Highs As Thieves Follow Market Buzz – Chainalysis 2022 Report
February 24, 2022
Bots Circumvent 2FA Login At Coinbase And Other Crypto Exchanges In 2022
Bots Have Circumvented 2FA Logins At Coinbase And Other Crypto Exchanges In 2022
February 17, 2022

Automated trading with HaasBot Crypto Trading Bots

Blockchain/Cryptocurrency Questions and Answers

Roundtable Interview-What is the Effect of The Russia-Ukraine War on Cryptocurrency Prices?
March 4, 2022
How Does Bitcoin Casino Work + 2021 Beginner’s Guide
November 8, 2021
How to Buy and Sell Cryptocurrency
November 8, 2021
What Are Bitcoin Futures And How Will They Work In 2022?
November 4, 2021
The Unconventional Guide to Ethereum
October 28, 2021

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin29,261 0.48 % 3.74 % 2.21 %
Ethereum1,972.2 0.66 % 4.20 % 2.65 %
Tether1.000 0.06 % 0.14 % 0.11 %
BNB325.07 0.60 % 0.61 % 9.02 %
USD Coin0.9989 0.16 % 0.08 % 0.04 %
XRP0.4063 1.07 % 3.82 % 4.07 %
Binance USD0.9995 0.19 % 0.22 % 0.24 %
Cardano0.9566 0.22 % 0.68 % 6.96 %
Solana49.26 1.15 % 7.82 % 8.18 %
Dogecoin0.08366 0.84 % 4.81 % 4.93 %

Bitcoin (BTC) $ 29,376.00
Ethereum (ETH) $ 1,982.08
Tether (USDT) $ 1.00
BNB (BNB) $ 327.86
USD Coin (USDC) $ 1.00
XRP (XRP) $ 0.408874
Binance USD (BUSD) $ 1.00
Cardano (ADA) $ 0.520204
Solana (SOL) $ 49.79
Dogecoin (DOGE) $ 0.084682