Skip to main content
  1. Home
  2. Cars
  3. News

Tesla Model 3 vulnerability exposed at Pwn2Own; hackers take home the car

By

A pair of security researchers who revealed a security issue for the Tesla Model 3 at the annual Pwn2Own hacking event were able to win the electric vehicle as their prize.

This is the first time that an automaker participated in Pwn2Own, which is run by Trend Micro’s Zero Day Initiative and is in its 12th year. Tesla made the Model 3 available to hackers in the competition to look for vulnerabilities in the electric vehicle’s system.

Recommended Videos

Team Fluoroacetate, Richard Zhu and Amat Cam, took the challenge. On the final day of Pwn2Own, the duo entered the Tesla Model 3, and after a few minutes, they were able to hack the electric vehicle’s internet browser. They were able to display a message through a JIT, or just-in-time, bug that bypasses memory randomization data which is supposed to protect secrets.

Related

For their efforts, Zhu and Cam not only took home a prize of $35,000, but according to the competition’s rules, they also won the Model 3 that they successfully hacked. The pair were crowned as the Master of Pwn for 2019, as they won $375,000 out of the $545,000 awarded in this year’s Pwn2Own.

The companies that participated in Pwn2Own have received the details of the bugs that were exposed in the event, and are given 90 days to release security patches to fix the vulnerabilities. Tesla, for one, is happy with what transpired.

“We entered Model 3 into the world-renowned Pwn2Own competition in order to engage with the most talented members of the security research community, with the goal of soliciting this exact type of feedback,” Tesla said in a statement, adding that the software update to fix the bug that was identified by Team Fluoroacetate will be rolled out in the coming days.

Tesla has offered a bug bounty program for its electric vehicles over the past four years, and according to sources familiar with the matter, hundreds of thousands of dollars have been given as rewards to security researchers who have reported vulnerabilities, Electrek reported. Team Fluoroacetate is just one of many teams and individuals who are helping keep Tesla’s electric vehicles safe by sniffing out the bugs before hackers get to exploit them for criminal activities.

Editors' Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received a NES and a copy of Super Mario Bros. for Christmas when he was 4 years old, and he has been fascinated with…
Tesla upgrades California-made Model 3 with a wireless charging pad, USB-C ports
Tesla Model 3

The Tesla Model 3 electric vehicles rolling off the Fremont, California, factory have been upgraded to include a wireless charging pad and USB-C ports.

The features, which were first introduced in Tesla's Model Y, were sold as aftermarket upgrades to the Model 3. However, last month, they were added to the standard Model 3 units that were being manufactured in China.

Read more
This company transforms Tesla’s Model 3 into a supercar-slaying track monster
Tesla Model 3

Tesla is going to great lengths to develop a high-performance Model S capable of dethroning the Porsche Taycan on Germany's grueling Nürburgring track. While the project is ongoing, and the automaker is learning as it goes, a much smaller company called Unplugged Performance has quietly specialized in tuning Tesla's electric cars since its inception in 2013. It recently built a customized Model 3 that can keep up with big-name supercars on a racetrack.

The Model 3 is extremely quick -- it hits 60 mph from a stop in just 3.2 seconds in its most potent configuration -- but it's certainly not a race car. Here's how Unplugged transformed it into one without sacrificing day-to-day usability.
Getting race ready, from the bottom up
Starting with a Model 3 Performance, Unplugged tore out the suspension and replaced it with its full suite of high-performance upgrades. It also added fade-free carbon ceramic brakes and tacked on a set of sticky Michelin Pilot Sport Cup 2 tires more commonly found on octane-slurping machines like the Chevrolet Corvette ZR1. The company then installed a full body kit that includes a reshaped front bumper, side skirts, an air diffuser built into the rear bumper, and a mammoth wing on the hatch. It's not just there for looks; it keeps the car glued to the road.

Read more
A $2,000 software update makes the Tesla Model 3 quicker
A red Tesla Model 3 at dusk.

How much would you pay to make your car quicker? Tesla reckons customers will cough up $2,000 for software that slices a few tenths of a second off the zero to 60 mph of the Model 3.

Tesla now offers an "Acceleration Boost" software update for the dual-motor all-wheel drive Model 3 that reduces the zero to 60 mph time from 4.4 seconds to 3.9 seconds, according to Autoblog. Tesla also offers a "Performance" version of the Model 3 that can do zero to 60 mph in 3.2 seconds straight out of the box, so the upgrade could lower that time even further. Owners must be running version 2019.40.2 of Tesla's operating system to qualify for the upgrade, according to Teslarati. Single-motor, rear-wheel drive models could get a similar upgrade as well, according to DragTimes.

Read more