Tesla researchers received $100,000 and a Model 3 electric car for hacking Tesla

Read full version

As part of the Pwn2Own information security conference taking place this week in Vancouver, researchers managed to hack Tesla’s security system twice. For this, they received a reward of $100,000 and a Tesla Model 3 electric car.

Image Source: electrek.co

Tesla has long been working to improve the security of the software used in its electric vehicles and has been participating in the annual Pwn2Own conference for several years. As part of the current event, the researchers carried out a successful attack once morest the Tesla security system twice.

In the first case, specialists from Synacktiv conducted a successful time-of-check to time-of-use (TOCTOU) attack once morest Tesla Gateway. This type of vulnerability allows you to bypass the security check system by using the time interval between checking the resource for security and its use. The researchers successfully changed the state of a secure resource following performing a security check, but before an authorized user was able to access it. As a result, they were able to gain root access to the Tesla system and take full control of the attacked electric car.

In the second successful attack by Synacktiv specialists via Bluetooth, the Model 3 infotainment system was hacked. In total, the Synacktiv team members successfully completed most of the attempts to hack various products, earning 53 Master of Pwn points and receiving a total of $ 530 thousand in the form of rewards.



Leave a Replay