Hackers Walk Away With $375,000 And A Tesla Model 3 At 2019 Pwn2Own Event

Sign up for daily news updates from CleanTechnica on email. Or follow us on Google News!

Credit: YouTube

“Good hacking is a gift,” Elon Musk said in 2016. It can also be highly profitable. This past week, Amat Cama and Richard Zhu — who call themselves Team Flouroacetate — walked off with the top prize at the 2019 Pwn2Own hacking contest in Vancouver, Canada. They took home $375,000 in cash prizes and got to keep the Tesla Model 3 they hacked on the last day of the competition.

Cama and Zhu used a JIT (just in time) bug in the Model 3’s browser renderer process to execute code on the car’s firmware and show a message on its entertainment system, according to ZDNet. Per contest rules announced last fall, they now gets to keep the car and a $35,000 reward. The rest of the money they earned by successfully hacking other software, including Apple Safari, Firefox, Microsoft Edge, VMware Workstation, and Windows 10.

“In the coming days we will release a software update that addresses this research,” a Tesla spokesperson told ZDNet. “We understand that this demonstration took an extraordinary amount of effort and skill, and we thank these researchers for their work to help us continue to ensure our cars are the most secure on the road today.”

This is the second Pwn2Own hacking contest Team Fluoroacetate has won. It also ranked first and received the “Master of Pwn” trophy at the Pwn2Own Tokyo conference in November 2018.

According to Wikipedia, “Pwn2Own is a computer hacking contest held annually at the CanSecWest security conference, beginning in 2007. Contestants are challenged to exploit widely used software and mobile devices with previously unknown vulnerabilities. Winners of the contest receive the device that they exploited, a cash prize, and a ‘Masters’ jacket celebrating the year of their win.”

Organized by Trend Micro’s Zero Day Initiative team, it is considered the top hacking contest for white hat researchers in the information security field. Over the past few years, many of the companies which have had their apps hacked at Pwn2Own are now sponsoring the contest and have engineers onsite to receive the vulnerability reports from the researchers themselves, sometimes delivering patches within hours. Any successful hacks are transmitted immediately to the affected companies.

For more on how Team Flouroacetate hacked that gorgeous red Model 3, check out this video.

Chip in a few dollars a month to help support independent cleantech coverage that helps to accelerate the cleantech revolution!

Have a tip for CleanTechnica? Want to advertise? Want to suggest a guest for our CleanTech Talk podcast? Contact us here.

Sign up for our daily newsletter for 15 new cleantech stories a day. Or sign up for our weekly one if daily is too frequent.

Advertisement‌

CleanTechnica's Comment Policy

Steve Hanley

Steve writes about the interface between technology and sustainability from his home in Florida or anywhere else The Force may lead him. He is proud to be "woke" and embraces the wisdom of Socrates , who said "The secret to change is to focus all of your energy not on fighting the old but on building the new." He also believes that weak leaders push everyone else down while strong leaders lift everyone else up. You can follow him on Substack at https://stevehanley.substack.com/ and LinkedIn but not on Fakebook or any social media platforms controlled by narcissistic yahoos.

Steve Hanley has 5995 posts and counting. See all posts by Steve Hanley

Support independent cleantech journalism by donating directly to CleanTechnica!Advertise with CleanTechnica to get your company in front of millions of monthly readers.‌

‌

NEXT ARTICLE

Steve Hanley

Today in Home