Hacker conquer Tesla car and Web browser Hacked get won the price UDS $545,000
First and the second-day contest ended up with a various successful
attempt to exploit the different bugs in multiple software vendors including,
Microsoft, VMware, Oracle and Apple.
In Pwn2Own 2019 final day, Zero
Day Initiative introduced the Tesla car in automotive category and the
Fluoroacetate team made an attempt to exploit the Tesla Model 3 internet
browser. Tesla offers the prizes range from $35,000 to $300,000 depending on a variety
of factors including the exploit used.
Finally, Fluoroacetate team used a JIT bug and exploit the browser let
displays their message remotely from their system. IN this case, successfully
demonstration reward $35,000, Of course, they also get the car which they
exploited.
Hackers Richard Zhu and Amat Cam, known as team Fluoroacetate, “thrilled
the assembled crowd” as they entered the vehicle, according to ZDI, which noted
that after a few minutes of setup, they successfully demonstrated their
research on the Model 3 internet browser.
Fluoroacetate team of Richard Zhu and Amit Came earned them $375,000,
laptops and a car over the contest and resulted in 36 Master of Pwn points.
According to ZDI, “Overall, the three days of Pwn2Own
Pwn2Own’s spring vulnerability research competition, Pwn2Own Vancouver,
was held March 20 to 22 and featured five categories, including web browsers,
virtualization software, enterprise applications, server-side software and the
new automotive category.
Vancouver 2019 have been a great success. We have awarded a total of
$545,000 for 19 unique bugs in Apple Safari, Microsoft Edge and Windows, VMware
Workstation, Mozilla Firefox, and – in its inaugural year – the Tesla
infotainment system. In this case, all the exploited zero-day report will be
notified to respective vendors and now have 90 days to produce security patches
to address the issues we reported. ZDI said.