January 25, 2024 at 10:50AM
During the Pwn2Own Automotive 2024 hacking contest in Tokyo, Synacktiv Team demonstrated 24 unique bugs, earning $382,500. They hacked the Tesla infotainment system and Automotive Grade Linux, collecting a total of $435,000. The competition focuses on automotive technologies and vendors have 90 days to release security fixes after the event.
From the meeting notes, the key takeaways include:
– The Pwn2Own Automotive 2024 hacking contest took place in Tokyo, Japan, during the Automotive World auto conference from January 24 to January 26.
– The contest focused on automotive technologies, targeting electric vehicle (EV) chargers, infotainment systems, and car operating systems, including Automotive Grade Linux, Android Automotive OS, and BlackBerry QNX.
– Security researchers collected significant cash prizes and were awarded Tesla cars for successfully demonstrating zero-day vulnerabilities and exploits.
– Synacktiv Team was mentioned as having won substantial prizes for their successful exploits, including the Tesla Infotainment System and the Automotive Grade Linux operating system.
– The competition resulted in a total of 48 zero-days being exploited and $1,101,500 being awarded to participants.
– Vendors have 90 days after the competition to release security fixes before TrendMicro’s Zero Day Initiative publicly discloses the zero-days.
– It was noted that security researchers also earned $1,035,000 and a Tesla Model 3 car during the Pwn2Own Vancouver 2023 competition after demoing a total of 27 zero-days and several bug collisions.
If you have any further questions or need additional information, please let me know.