Brother
Professional
- Messages
- 2,590
- Reaction score
- 483
- Points
- 83
One of the teams showed total dominance. Who are these white hackers?
The first automotive hacking championship Pwn2Own Automotive 2024 ended in Tokyo, where participants earned $1,323,750 by hacking a Tesla car twice and demonstrating 49 zero-day vulnerabilities in the systems of various electric vehicles. The hacker contest was held from January 24 to 26.
The competition, organized by Trend Micro's Zero Day Initiative (ZDI) as part of the Automotive World automotive conference, offered hackers a range of targets to attack, including fully updated charging stations for electric vehicles, multimedia systems and directly operating systems of cars.
After a white hacker successfully exploits a zero-day vulnerability, it is reported to the manufacturer, who has 90 days to release a security patch before details about the vulnerability are publicly disclosed.
Since the competition has already ended, the winners are also known. This year, they were white hackers from the Synacktiv team, who managed to earn $450,000. These are followed by the following commands fuzzware.io with $177,500 and Midnight Blue / PHP Hooligans with $80,000.
The Synacktiv team hacked a Tesla electric car twice. On the first day, hackers used three 0day vulnerabilities to access the car's modem, and on the second day they successfully exploited two more 0day vulnerabilities, demonstrating a leak from the sandbox of Tesla multimedia systems.
Synacktiv also demonstrated two unique chains of two vulnerabilities targeting the Ubiquiti Connect EV and JuiceBox 40 Smart EV charging stations, as well as a three-vulnerability exploit targeting the Automotive Grade Linux operating system.
Notably, the Synactiv hacking team also took first place at the Pwn2Own Vancouver 2023 championship in March, earning $530,000 and a Tesla car for two exploit chains targeting the gateway and multimedia system.
Earlier this month, ZDI announced that the Pwn2Own Vancouver 2024 championship is scheduled for March 20 as part of the CanSecWest 2024 conference, so we'll definitely hear more from the Synacktiv guys.
The upcoming event will feature prizes in excess of $1,000,000 for exploits in various software categories and automotive systems found in Tesla's Model 3 and Model S vehicles.
The first automotive hacking championship Pwn2Own Automotive 2024 ended in Tokyo, where participants earned $1,323,750 by hacking a Tesla car twice and demonstrating 49 zero-day vulnerabilities in the systems of various electric vehicles. The hacker contest was held from January 24 to 26.
The competition, organized by Trend Micro's Zero Day Initiative (ZDI) as part of the Automotive World automotive conference, offered hackers a range of targets to attack, including fully updated charging stations for electric vehicles, multimedia systems and directly operating systems of cars.
After a white hacker successfully exploits a zero-day vulnerability, it is reported to the manufacturer, who has 90 days to release a security patch before details about the vulnerability are publicly disclosed.
Since the competition has already ended, the winners are also known. This year, they were white hackers from the Synacktiv team, who managed to earn $450,000. These are followed by the following commands fuzzware.io with $177,500 and Midnight Blue / PHP Hooligans with $80,000.
The Synacktiv team hacked a Tesla electric car twice. On the first day, hackers used three 0day vulnerabilities to access the car's modem, and on the second day they successfully exploited two more 0day vulnerabilities, demonstrating a leak from the sandbox of Tesla multimedia systems.
Synacktiv also demonstrated two unique chains of two vulnerabilities targeting the Ubiquiti Connect EV and JuiceBox 40 Smart EV charging stations, as well as a three-vulnerability exploit targeting the Automotive Grade Linux operating system.
Notably, the Synactiv hacking team also took first place at the Pwn2Own Vancouver 2023 championship in March, earning $530,000 and a Tesla car for two exploit chains targeting the gateway and multimedia system.
Earlier this month, ZDI announced that the Pwn2Own Vancouver 2024 championship is scheduled for March 20 as part of the CanSecWest 2024 conference, so we'll definitely hear more from the Synacktiv guys.
The upcoming event will feature prizes in excess of $1,000,000 for exploits in various software categories and automotive systems found in Tesla's Model 3 and Model S vehicles.
