HomeNewsHacker Wins $200,000 in a Bug Bounty and a Brand-New Tesla Model...

Hacker Wins $200,000 in a Bug Bounty and a Brand-New Tesla Model 3 Twice

As Tesla leads the charge in electric vehicles and every day getting better self-drive technology, there’s something that continuous attention: cybersecurity.

Just like any other company, Tesla faces the looming threat of problems in its systems. A bunch of ethical hackers recently found such loopholes in Tesla’s system winning insane amounts in rewards and a Tesla car.

For years, Tesla has been putting a lot of effort into cybersecurity. They’ve been teaming up with ethical hackers and joining events like the Pwn2Own hacking competition.

2024 Tesla Model 3 Highland in US

Hacker Wins $200,000 and Tesla Model 3 in Bug Bounty Program

At these competitions, they offer some very big prizes and even let hackers try to break into their electric cars. Here’s all the news from the event.

Pwn2Own Vancouver

Pwn2Own is like a big hacking contest that happens every year. It’s where expert researchers and ethical hackers find and fix security issues in popular software and devices. These events come with huge prizes for finding such crucial vulnerabilities in popular products like Adobe Reader, Windows 11, SharePoint, and more.

Tesla actively sponsors big amounts in events like Pwn2Own even giving away EVs as rewards. Such events highlight the constant need for strong cybersecurity efforts to guard against cyber threats.

Synacktiv, a French team recently uncovered a significant vulnerability in Tesla’s systems at the Pwn2Own Vancouver 2024 competition. Synacktiv made headlines by winning big—a staggering $200,000 in cash and a shiny new Model 2.

How did they do it?

With just a single integer overflow against the Tesla ECU using Vehicle CAN BUS Control. This impressive victory is Synacktiv’s second time cracking Tesla, earning them their second Tesla Model 3, as per the Zero Day Initiative.

They won their first one in last year’s competition by exploiting Tesla’s vulnerabilities. You can read more about it in our post from the last year here.

Hack Your Way Into a Tesla Model 3, $500,000 Grand Prize Up for Grabs

Tesla Vulnerability Exploit At Zero Day

Not all hackers are wearing the white hat and even a small glitch could cost millions for companies like Tesla. The Synacktiv team effortlessly hacked into Tesla’s system in a mere thirty seconds at the event. This time hacking into Tesla’s electronic control unit (ECU) and vehicle CAN BUS.

Their quick success earned them a substantial $200,000 reward along with a brand-new Tesla Model 3. They managed to achieve this on the competition’s first day itself garnering a newfound reputation worldwide.

Tesla frequently supports events like these, inviting hackers and teams to uncover any weaknesses in its systems. Such initiatives help enhance the security of Tesla’s system, reducing the risk of potential cyberattacks.

Besides Tesla’s initiatives, other groups have also been successful in hacking Tesla vehicles. For instance, researchers at a university in Belgium managed to replicate keys and get into a Model X.

Hackers found three vulnerabilities in Tesla vehicles that could allow malicious hackers to remotely access and control a Tesla. Unethical hackers can control turning off lights, honking the horn, and trunk, turning on windshield wipers, and tampering with the main infotainment system.

At a recent event in Tokyo earlier this year organized by Zero Day Initiative, Synacktiv found and exploited bugs in Tesla’s infotainment system. They won $100,000 for their efforts at the event.

At the Pwn2Own Vancouver event last year, Synacktiv successfully exploited these vulnerabilities. Their achievement won them a Tesla Model 3, and a total of $530,000 in rewards.

How Tesla Keeps Cyber Security in Check?

Even though we’ve known about the risks of IoT devices for a while, many cybersecurity tools still don’t fully protect them.

Luckily, Tesla is doing a better job than most at managing security. They’ve already taken steps to protect their cars, like starting a bug bounty program where researchers can report any problems they find.

One Reddit user shares his views on how such events reassure trust in brands like Tesla

“This is one of the reasons why I bought a Tesla. The fact that they will do this to ensure security makes me feel very confident in my car not getting stolen”

byu/1oneplus from discussion

This focus on security got a big boost after CEO Elon Musk talked about the risk of a “fleet-wide hack” at a presentation in July 2017.

Musk highlighted this concern at the National Governors Association in Rhode Island, stressing the need to protect Tesla’s vehicles and self-drive tech.


Programs like Pwn2Own aim to encourage and reward ethical hackers. Finding and fixing such bugs can save huge losses to the automakers before cybercriminals gets to exploit them.

Programs like these are super important for car companies to stay ahead of the bad guys. Tesla, in particular, takes cybersecurity seriously. They even have their own bug-bounty program where hackers can report issues, and they’ll get rewarded for it.

Purnima Rathi
Purnima Rathi
Purnima has a strong love for EVs. Whether it's classic cars or modern performance vehicles, she likes to write about anything with four wheels, especially if there's a cool story behind it.


Please enter your comment!
Please enter your name here

Most Popular