Tesla, OS, Software Exploits Earn Hackers $1.1 Million at Pwn2Own 2024

A hacking competition called Pwn2Own 2024 in Vancouver awarded over $1.1 million to participants who discovered vulnerabilities in various software and devices. This security competition incentivizes hackers to discover and report vulnerabilities in widely used software and devices. By finding these vulnerabilities, companies can patch them before malicious actors exploit them for criminal purposes.

The biggest winners were those who found exploits compromising Tesla cars. On the first day, hackers earned a combined $732,500 for finding 19 zero-day vulnerabilities. These vulnerabilities affected Tesla cars, along with popular operating systems and programs like Windows, Ubuntu, and Adobe Reader.

The top prize of $200,000 went to a team from Synacktiv for hacking a Tesla's electronic control unit (ECU), which could potentially allow them to manipulate the car. The second day's top earner was Manfred Paul, who won $100,000 for a critical Firefox exploit. Paul's exploit allowed for remote code execution and escaping the program's sandbox protections. Overall, Paul won more than $200,000 during the competition by also hacking other browsers as well.

Source: SecurityWeek 03/22/2024