Skip to main content
  1. Home
  2. Cars
  3. News

Tesla Model 3 vulnerability exposed at Pwn2Own; hackers take home the car

By

A pair of security researchers who revealed a security issue for the Tesla Model 3 at the annual Pwn2Own hacking event were able to win the electric vehicle as their prize.

This is the first time that an automaker participated in Pwn2Own, which is run by Trend Micro’s Zero Day Initiative and is in its 12th year. Tesla made the Model 3 available to hackers in the competition to look for vulnerabilities in the electric vehicle’s system.

Recommended Videos

Team Fluoroacetate, Richard Zhu and Amat Cam, took the challenge. On the final day of Pwn2Own, the duo entered the Tesla Model 3, and after a few minutes, they were able to hack the electric vehicle’s internet browser. They were able to display a message through a JIT, or just-in-time, bug that bypasses memory randomization data which is supposed to protect secrets.

Please enable Javascript to view this content

For their efforts, Zhu and Cam not only took home a prize of $35,000, but according to the competition’s rules, they also won the Model 3 that they successfully hacked. The pair were crowned as the Master of Pwn for 2019, as they won $375,000 out of the $545,000 awarded in this year’s Pwn2Own.

Related

The companies that participated in Pwn2Own have received the details of the bugs that were exposed in the event, and are given 90 days to release security patches to fix the vulnerabilities. Tesla, for one, is happy with what transpired.

“We entered Model 3 into the world-renowned Pwn2Own competition in order to engage with the most talented members of the security research community, with the goal of soliciting this exact type of feedback,” Tesla said in a statement, adding that the software update to fix the bug that was identified by Team Fluoroacetate will be rolled out in the coming days.

Tesla has offered a bug bounty program for its electric vehicles over the past four years, and according to sources familiar with the matter, hundreds of thousands of dollars have been given as rewards to security researchers who have reported vulnerabilities, Electrek reported. Team Fluoroacetate is just one of many teams and individuals who are helping keep Tesla’s electric vehicles safe by sniffing out the bugs before hackers get to exploit them for criminal activities.

Editors’ Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received an NES and a copy of Super Mario Bros. for Christmas when he was four years old, and he has been fascinated…
Tesla’s Model 3 is reportedly heading for a redesign
A Tesla Model 3 electric car.

Tesla is currently working on a redesign of the Model 3 in a bid to help the automaker reduce production costs, a new report claims.

Codenamed “Highland,” the project to revamp the Model 3 would cut the complexity and number of components inside Tesla’s electric car, four people claiming to have knowledge of the matter told Reuters this week. Changes to the Model 3’s exterior and powertrain performance are also possible, the report said.

Read more
Tesla receives massive Model 3 order from car-rental giant Hertz
A Tesla Model 3 electric car.

Tesla’s market value increased beyond $1 trillion on Monday after Hertz announced "an initial order" of 100,000 vehicles from the automaker.

Hertz has ordered the Tesla Model 3, which starts at around $40,000 and is the automaker’s best-priced vehicle among its current range of electric vehicles (EVs).

Read more
2020 Tesla Model S vs. 2020 Tesla Model 3
Tesla Model 3

Tesla's Model S and Model 3 are both electric and packed with cutting-edge technology. While they overlap in some areas, they're completely different cars that share very few common parts. The S is much older, considerably bigger, and a lot more expensive than the 3, which likely explains why it's outsold by its smaller sibling.

Here's how Tesla's two sedans compare on paper.

Read more