At a hacking event in Vancouver, Canada, a team of hackers won $375k and an electric car for exposing vulnerabilities of the Tesla Model 3 electric car.
On the last day of the Pwn2Own hacking event, Tesla rewarded Richard Zhu and Amat Cama of team Fluoroacetate for detecting the weak points of the Model 3 by taking control of the infotainment system.
Weakness found in infotainment system
Although the team members have refused to reveal the exact steps of the Tesla Model 3 hacking process, speculations are being made that they used a JIT bug in the renderer to penetrate the system securities and alter the car’s firmware code.
Team Fluoroacetate won 36 points at the convention for reporting glitches in commonly used software such as Windows 10, Microsoft Edge, Apple Safari, and Firefox.
Software update on the horizon for Tesla Model 3
Vice President of Vehicle Software, David Lau praised the efforts of the team and promised to fix the hack. He said that a software update for the Model 3 would be released soon to fix the glitches in the system.
“We look forward to learning about, and rewarding, great work in Pwn2Own so that we can continue to improve our products and our approach to designing inherently secure systems,” Lau added.
Tesla customers who already have a Model 3 do not need to worry, as the company will not be voiding warranties for the vehicles used in security research.
Tesla raises the bar for exposing vulnerabilities
Sources close to the company revealed that Tesla has awarded hacker groups thousands of dollars for exposing weaknesses in their system. Last year, the company increased the maximum payout to $15000 for reporting a bug.