Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Researchers Invited to Hack a Tesla at Pwn2Own 2019

Researchers can earn up to $300,000 and a car if they manage to hack a Tesla Model 3 at this year’s Pwn2Own competition, Trend Micro’s Zero Day Initiative (ZDI) announced on Monday.

Researchers can earn up to $300,000 and a car if they manage to hack a Tesla Model 3 at this year’s Pwn2Own competition, Trend Micro’s Zero Day Initiative (ZDI) announced on Monday.

Pwn2Own 2019, scheduled to take place on March 20-22 alongside the CanSecWest conference in Vancouver, Canada, introduces an automotive category for which a Tesla Model 3 will be brought on site.

White hat hackers can earn between $50,000 and $250,000 for demonstrating an exploit against a Tesla’s modem or tuner, Wi-Fi or Bluetooth components, infotainment system, gateway, autopilot, security system, and key fob (including the phone used as a key). Some of the targeted components are also eligible for a bonus of $50,000 or $100,000 for persistence and a CAN bus hack, respectively.

“Along with the prize money, the first-round winner in this category will win a Tesla Model 3 mid-range rear-wheel drive vehicle,” ZDI said.

Prizes for hacking Tesla

In the virtualization category, Pwn2Own participants can target Oracle VirtualBox, VMware Workstation and ESXi, and Microsoft Hyper-V Client. The highest prize is for Hyper-V – up to $250,000 and a $30,000 bonus for a privilege escalation on the host.

In the web browsers category, hackers can earn tens and even hundreds of thousands of dollars for sandbox escapes, Windows kernel privilege escalations, and VM escapes. The targets are Chrome, Edge, Safari and Firefox.

The enterprise category includes Adobe Reader, Microsoft Office 365, and Microsoft Outlook. Finally, the server-side category’s only target is Windows RDP, for which hackers can earn $150,000.

“Most of our server side targets moved to our Targeted Incentive Program, so they no longer need to be included in Pwn2Own,” ZDI explained.

Advertisement. Scroll to continue reading.

The prize pool for this year’s event exceeds $1 million, and that does not include the money offered for hacking a Tesla.

At last year’s Pwn2Own, participants only took home less than $300,000 of the $2 million prize pool.

Related: IoT Category Added to Pwn2Own Hacking Contest

Related: Samsung Galaxy S9, iPhone X Hacked at Pwn2Own Tokyo

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Gigamon has promoted Tony Jarjoura to CFO and Ram Bhide has been hired as Senior VP of engineering.

Cloud security firm Mitiga has appointed Charlie Thomas as Chief Executive Officer.

Cynet announced the appointment of Jason Magee as Chief Executive Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.