Amat Cama
and Richard Zhu a team of hackers, who took part in the Pwn2Own 2019 hacking
competition, organized by Trend Micro's "Zero Day Initiative (ZDI)"
and exposed vulnerability in the vehicle's framework and bagged themselves an
Electric Vehicle (EV) - maker Tesla Model 3 cars along with a cash prize of
$35,000.
The hackers
focused on the infotainment framework on the Tesla Model 3 and utilized a
"JIT bug in the renderer" in order to take control of the framework.
In the
course of recent years as a part of Tesla's bug bounty program, the company had
given away thousands of dollars in remunerations to those hackers who
successfully uncovered vulnerabilities in its frameworks and the EV maker was '
fairly quick ' to fix those vulnerabilities uncovered by white hat hackers.
David Lau,
Vice President of Vehicle Software at Tesla says, "Since launching our bug
bounty programme in 2014, we have continuously increased our investments into
partnerships with security researchers to ensure that all Tesla owners
constantly benefit from the brightest minds in the community,"
He further adds,
“We develop our cars with the highest standards of safety in every respect, and
our work with the security research community is invaluable to us. Since
launching our bug bounty program in 2014 – the first to include a connected
consumer vehicle– we have continuously increased our investments into
partnerships with security researchers to ensure that all Tesla owners
constantly benefit from the brightest minds in the community. We look forward
to learning about, and rewarding, great work in Pwn2Own so that we can continue
to improve our products and our approach to designing inherently secure
systems,”
