HomeSecurity OperationsTesla Electric Cars Targeted in $1 Million Hacking Spree

Tesla Electric Cars Targeted in $1 Million Hacking Spree

Published on

spot_img

The first-ever Pwn2Own Automotive hacking event saw multiple teams of elite hackers descend on Tokyo during the Automotive World conference. With more than $1 million in bounty payments on offer, the competition was fierce. The event, organized by the Trend Micro Zero-Day Initiative, focused solely on the automotive sector and involved the best hacking teams from around the world.

The concept of the Pwn2Own Automotive event is similar to other hacking events organized by the Zero-Day Initiative. Here, hacking teams from across the globe compete against each other using previously unknown ‘zero-day’ exploits to gain access to pre-determined tech targets. However, in the case of Pwn2Own Automotive, the sole focus was on electric vehicles and the systems and services associated with them.

The bounty-hunting hackers and security researchers were given strict time limits to successfully hack specific targets. Successful demonstrations of newly discovered vulnerabilities, known as zero-days, were rewarded with substantial cash payments. The event saw the successful exploitation of 49 unique zero-days, amounting to bounties worth an astonishing $1,323,750 over the course of three days.

The highlight of the event was the successful hacking of Tesla vehicles by the same group of hackers, Team Synacktiv. The hackers managed to exploit vulnerabilities in the Tesla Modem and the Tesla Infotainment System, earning a total of $450,000 in cash prizes. Furthermore, Team Synacktiv also compromised other targets, including smart EV charging stations, automotive-grade Linux, and infotainment systems, further solidifying their victory.

Despite the alarming nature of these hacks, they serve a greater purpose. Every vulnerability that the hackers exploit is immediately brought to the attention of the respective vendors to ensure that the issues are fixed. This allows the vendors to release patches before any technical information is disclosed to the public, preventing less ethical actors from exploiting these vulnerabilities. It is important to note that none of the zero-days exploited during the event were sold or redistributed by the Zero-Day Initiative.

In light of these events, Forbes reached out to Tesla for comment but a reply was not immediately available.

With the conclusion of Pwn2Own Automotive 2024, the focus on the vulnerabilities in electric vehicle systems has underscored the need for robust cybersecurity measures in the automotive sector. The event has not only exposed potential weaknesses in the systems but also provided an opportunity for patching these vulnerabilities, ultimately contributing to the overall security of electric vehicles and associated technologies.

Source link

Latest articles

Identifying online disinformation techniques

In today's world of information, knowledge is often just a few clicks away, thanks...

Secure Access in the Age of AI

Microsoft’s Principal Product Manager, Jef Kazimer, and Senior Product Manager, Bailey Bercik, were featured...

Vastaamo Hacker Vanishes During Ongoing Trial

The news article reports on the disappearance of Aleksanteri Kivimaki, a Finnish hacker who...

“Organizations are experiencing a significant identity crisis while criminals benefit” – The Register

Identity-related threats are becoming a growing concern for network security professionals due to the...

More like this

Identifying online disinformation techniques

In today's world of information, knowledge is often just a few clicks away, thanks...

Secure Access in the Age of AI

Microsoft’s Principal Product Manager, Jef Kazimer, and Senior Product Manager, Bailey Bercik, were featured...

Vastaamo Hacker Vanishes During Ongoing Trial

The news article reports on the disappearance of Aleksanteri Kivimaki, a Finnish hacker who...
en_USEnglish