The 15th Pwn2Own competition took place in Vancouver last week, giving security researchers the opportunity to earn some big money by putting their hacking skills to the test.
Held at the CanSecWest security conference, the competition sees company’s giving up their products to see who can find previously undiscovered exploits within them.
One company that is a regular at the event is Tesla, and they returned this year to see who can find an exploit in their car’s infotainment system.
Only one group was able to do so, and that was the team from Synacktiv, a security company based in France, on the second day of the competition. In a video demonstrating the exploit of the Model 3s infotainment system, David Berard and Vincent Dehors were able to pop open the frunk and activate the headlights and wipers.
Due to the lower complexity of the exploit, the team won $75,000. Tesla will now have 90 days to produce a patch, as per the terms of the competition.
If their exploit was more complex, they could have walked away with as much as $600,000 and the Model 3 itself.
According to the event’s website, two other teams attempted to hack the Model 3 but were unsuccessful.
The @Synacktiv team shows off their remote exploit of the #Tesla Model 3. Earlier today, this research earned them $75,000 during #Pwn2Own. pic.twitter.com/PZDCcJJvcE
— Zero Day Initiative (@thezdi) May 20, 2022