Pwn2Own has announced that Tesla Model 3 will be the challenge for hackers in this year’s Pwn2Own event. The prize for this year’s event has been increased with many genius hackers expected to show up and break into the car.
The Pwn2Own event is a hacking contest organized twice every year challenging hackers to break into popular software, malware or famous mobile phones with unknown vulnerabilities. In the previous contest held in Tokyo in the last quarter of 2019, hackers broke into Samsung Galaxy S10 to win the Prize money. Winners of the contest are given a sum of money and the device they hacked into.
Tesla products are not new to hackers in this contest. The company has made a lot of effort to produce cars with fewer vulnerabilities in the market, causing them to put their products up for a challenge to witness how far hackers can go in breaking into it.
In 2016, Chinese white hackers hacked into Tesla Model S using a malicious Wi-Fi hotspot and reported it to the company. They have since rewarded bug finders of its product and even increased the payout to $15,000 per reported bug since 2018.
Image Source: www.cnbc.com
In one of the Pwn2Own event held last year, the Tesla Model 3 was successfully controlled after hackers exposed vulnerabilities in its systems using JIT bug in the renderer. They won the prize money and the car. Tesla returns in this year’s Pwn2Own event with another brand new Tesla Model 3 and a bigger reward.
The winner of this year’s edition will win $500,000 and drive home a brand new Tesla Model 3. As claimed by the statement, this amount will go to anyone who can evade the multiple layers of security and compromise the car completely.
According to the statement released on the Pwn2Own event expected to be held in Vancouver on March 18-20, there is more money to be won in addition to the prize money. Hackers who display arbitrary control of the Tesla Can bus employed in microcontroller and device communication will win $100,000. Also, there will be a $200,000 and $50,000 prize money for hackers who complete specific tasks at the Pwn2Own event as stated in the release.
This year’s event is packed with genius hackers expected to demonstrate zero-day exploit. The zero-day exploit will seek to impact Microsoft Office 365, Microsoft Windows 10, Microsoft Edge, Google Chrome and Oracle VirtualBox in addition to the Tesla Model 3 challenge.
The Pwn2Own event is not just about financial gain. The teams taking part are also after the master of pwn title. It has been reported that the winning team with the most points would be rewarded with 65000 ZDI points, a jacket, trophy, and most importantly, the respect of the ethical hacking community according to the report. This year’s event involves the single largest target of the event’s history as claimed by the statement. The successful team would be able to earn 70 total masters of pwn points which are said to be insurmountable.
Tesla has over the years invested a lot of money to improve the security of its products. The company has been running a bug bounty program and has paid hundreds of thousands of dollars to white hackers. Many other companies have also resorted to white hackers to find vulnerabilities in their products to patch any loophole in their next updates.
Another platform that has successfully been running this program is HackerOne. They have provided the grounds for hackers to make millions of dollars through finding vulnerabilities instead of using their skills to hurt companies as done by other hackers. This is not just a competition to give away money and Tesla Model 3, but an event that will make the Tesla product even better.
Image Source: www.kaspersky.com
Previously, a group of Chinese hackers who came from the Keen Security Lab were able to trick the self-driving software of the Tesla Model S to veer off the main road to a different lane after placing bright-colored stickers in the lane. It was discovered that the autopilot module lane’s recognition function fails to handle situations as expected though it has good robustness in the external environment.
Tesla stated that though their car failed the test put forward by the Chinese hackers, the autopilot function can be overridden with the steering wheel and brake, meaning drivers must always be ready to control the car manually. Also, the hackers succeeded because the environment of the car was artificially altered as claimed by the spokesperson of Tesla.
The Pwn2Own event has contributed a lot in helping companies to find vulnerabilities in their products and going the extra mile to work on it. It is important to note that many events have been organized to help white hackers to make some money, and it is high time people stop associating hacking to negative things.
Disclaimer: Darkweblink.com does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither Darkweblink.com nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation to the reliance on or usage of any content, goods or services mentioned in this article.