Tesla ECU exploited by hacker team who wins Model 3, $200,000
A Tesla electronic control unit (ECU) was successfully exploited by the hacker team Synacktiv, which made a name for itself by showing shortcomings in automakers’ vehicle systems.
As a result of the successful hack, Synacktiv won a new Tesla Model 3 and $200,000.
The exploit took place at the 2024 Pwn2Own event in Vancouver, where Synacktiv was able to use a single integer overflow to exploit Tesla’s ECU with Vehicle (VEH) CAN BUS Control.
CAN BUS is a Controller Area Network and, according to Dewesoft, is a “message-based protocol designed to allow the ECUs found in today’s cars to communicate with each other in a reliable, priority-driven fashion.”
In simple terms, it lets microcontrollers and devices communicate in order to enable the functionality of anything that runs off the ECU, including transmissions, airbags, cruise control, parking brakes, and other features.
When it is hacked, it essentially eliminates the vehicle from doing anything of note and can render a vehicle completely worthless.
Synacktiv successfully managed to exploit the ECU in a Tesla, which also helped them win the Model 3, the cash, and 20 Master of Pwn points, which put them in first place in the competition:
Confirmed!!! The @Synacktiv team used a single integer overflow to exploit the #Tesla ECU with Vehicle (VEH) CAN BUS Control. The win $200,000, 20 Master of Pwn points, and a new Tesla Model 3 (their second!). Awesome work as always. #Pwn2Own #P2OVancouver pic.twitter.com/FcB4fTiOa7
— Zero Day Initiative (@thezdi) March 20, 2024
The Zero Day Initiative also posted an image of the successful exploit on its blog:
Synacktiv completed numerous hacks on Tesla vehicles earlier this year at the Pwn2Own event in Tokyo. During the first few days of the event, it successfully infiltrated a security system and an infotainment system.
Tesla routinely sponsors these events and encourages hackers and groups to find shortcomings in its systems, awarding them with vehicles for doing so. The effort makes Tesla cars more secure and less prone to cyber attacks, which are evidently a concern of some.
Other groups have been successful in hacking Tesla vehicles as well. Researchers at a university in Belgium were able to copy keys and access a Model X.
I’d love to hear from you! If you have any comments, concerns, or questions, please email me at joey@teslarati.com. You can also reach me on Twitter @KlenderJoey, or if you have news tips, you can email us at tips@teslarati.com.
The post Tesla ECU exploited by hacker team who wins Model 3, $200,000 appeared first on TESLARATI.
Go to Source
Author: Joey Klender