Tesla hacked at inaugural Pwn2Own Automotive

Tesla is one of the title sponsors at the first ever Pwn2Own Automotive event, and on the first day a Tesla modem was hacked by a group with a long history of exploiting vulnerabilities in the automaker’s coding.

Pwn2Own, an established computer hacking contest with a 16-year history, has frequently involved Tesla, with the company offering up cars and cash to anyone who can find and exploit a vulnerability within their systems. This has happened several times over the years, most of the time by a hacking group called Synacktiv, who last year were awarded a Model 3 and $100,000 following a successful hack.

This competition typically covers a broad range of topics, including an automotive category, but now for the first time a new iteration of the Pwn2Own contest focused solely on identifying security flaws in connected vehicles is taking place in Tokyo.

On the first day Synacktiv was at it again, taking home $100,000 by hacking a Tesla modem, the biggest award of the day. According to the Zero Day Initiative (@thezdi), the Syacktiv team successfully exploited three zero-day bugs to get root permission on a Tesla modem.

Credit: ZDI

The Syancktiv team isn’t done there. On Thursday the group is also attempting to target the Tesla infotainment system with a Sandbox escape. A sandbox escapes refers to a technique used in computer security where a malicious program or process bypasses the restrictions imposed by a sandbox, which is an isolated computing environment created to run code from unknown or potentially harmful sources so that it cannot harm the host system or access unauthorized resources.

Are you buying a Tesla? If you enjoy our content and we helped in your decision, use our referral link to get C$2,600/US$2,000 off your purchase.
Previous Article

Rivian planning R2 launch event for March 7, 2024

Next Article

Tesla (TSLA) Q4 and 2023 earnings results

You might be interested in …