Cybersecurity experts and bug bounty hunters have achieved an impressive feat, earning a substantial $1.3 million for discovering security vulnerabilities in Tesla vehicles, electric vehicle (EV) chargers, and infotainment systems at the prestigious Zero Day Initiative’s Pwn2Own Automotive competition.
At the inaugural Pwn2Own Automotive event, participants successfully identified and showcased 49 previously undiscovered vulnerabilities that impact various automotive products. This remarkable accomplishment did not go unnoticed, and the Zero Day Initiative (ZDI) generously awarded a total of $1,323,750 to the accomplished researchers and bug bounty hunters.
The highly sought-after first place at the competition was secured by the Synacktiv team, who walked away with an impressive $450,000 in earnings. This substantial amount included a significant $200,000 for successfully breaching a Tesla’s modem and infotainment system. The proficient exploitation of each of these vulnerabilities resulted in the Synacktiv team earning an impressive $100,000 for each hack.
The most substantial rewards were distributed on the opening day of the competition, where participants earned over $700,000. This included several $60,000 bounties for EV charger hacks and $40,000 bounties for infotainment system hacks. Remarkably, the Tesla modem was also compromised on the first day, adding to the thrill of the event.
The second day witnessed the Synacktiv team continuing their winning streak, earning an additional reward for their Tesla infotainment exploit. Additionally, the largest reward of the day, amounting to $35,000, was claimed for an Automotive Grade Linux exploit. Multiple teams also received substantial sums of $30,000 for their successful EV charger exploits.
As the event progressed into its third and final day, a $60,000 bounty was bestowed for an Emporia EV charger exploit. Furthermore, three other EV charger exploits earned researchers $30,000 each. Meanwhile, several hacking attempts resulted in payouts ranging from $20,000 to $26,000 for infotainment and EV charger hacks.
Looking to the future, the Zero Day Initiative is gearing up for Pwn2Own Vancouver 2024, scheduled to take place from March 20 to 22. This event, running alongside the highly anticipated CanSecWest conference in Vancouver, Canada, offers an impressive prize pool exceeding $1 million.
This year’s event is anticipated to be just as thrilling as the previous edition, where participants were rewarded with over $1 million for successfully hacking a Tesla and a variety of widely used software products.
Source:
– Zero Day Initiative’s Pwn2Own Automotive competition
+ There are no comments
Add yours